CONDITIONAL ACCESS SYSTEM
Related Patent Applications 

The present patent application is a continuation-in-part of the following U.S. applications,
all of which are assigned to the assignee of the present U.S. application:

U.S.S.N. 08/767,535, Robert O. Banker and Glendon L. Akins III, Preventing Replay
Attacks on Digital Information Distributed by Network Service Providers, filed 12/16/96;

U.S. Patent No. 5,742,677, Pinder, et al., Information Terminal Having Reconfigurable
Memory, filed 4/3/95;

U.S.S.N. 08/580,759, Wasilewski, et al., Method and Apparatus for Providing
Conditional Access in Connection-Oriented Interactive Networks with a Multiplicity of
Service Providers, filed 12/29/95;

U.S.S.N. 09/111,958, Seaman, et al., Mechanism and Apparatus for Encapsulation of
Entitlement Authorization in Conditional Access System, filed 7/8/98;

The present patent application also claims priority based on U.S.S.N. 60/054,575,
Wasilewski et al., Conditional Access System, filed August 1, 1997. The present
application is further one of seven applications with identical Detailed Descriptions. All
of these applications have the same filing date and all have the same assignee. The titles
and inventors of the six applications follow:

(D-3373), Akins, et al., Method and Apparatus for Geographically Limiting Service in a
Conditional Access System, filed July 31, 1998;

(D-3457), Wasilewski, et al., Authorization of Services in a Conditional Access System,
filed July 31, 1998;

(D-3472), Akins, et al., Representing Entitlements to Service in a Conditional Access
System, filed July 31, 1998;

(D-3365), Pinder, et al., Encryption Devices for Use in a Conditional Access System, filed
July 31, 1998;

(D-2999), Pinder, et al., Verification of the Source of Program Information in a
Conditional Access System, filed July 31, 1998;

(D-3614), Pinder, et al., Source Authentication of Download Information in a Conditional
Access System, filed July 31, 1998.



Field of the Invention 

The invention concerns systems for protecting information and more particularly concerns
systems for protecting information that is transmitted by means of a wired or wireless
medium against unauthorized access.



Background of the Invention 

One way of distributing information is to broadcast it, that is, to place the information on
a medium from which it can be received by any device that is connected to the medium.
Television and radio are well-known broadcast media. If one wishes to make money by
distributing information on a broadcast medium, there are a couple of alternatives. A first
is to find sponsors to pay for broadcasting the information. A second is to permit access
to the broadcast information only to those who have paid for it. This is generally done by
broadcasting the information in scrambled or encrypted form. Although any device that is
connected to the medium can receive the scrambled or encrypted information, only the
devices of those users who have paid to have access to the information are able to
unscramble or decrypt the information.

A service distribution organization, for example a CATV company or a satellite television
company, provides its subscribers with information from a number of program sources,
that is, collections of certain kinds of information. For example, the History Channel is a
program source that provides television programs about history. Each program provided
by the History Channel is an "instance" of that program source. When the service
distribution organization broadcasts an instance of the program source, it encrypts or
scrambles the instance to form an encrypted instance. An encrypted instance contains
instance data, which is the encrypted information making up the program.

An encrypted instance is broadcast over a transmission medium. The transmission
medium may be wireless or it may be "wired", that is, provided via a wire, a coaxial
cable, or a fiber optic cable. It is received in a large number of set top boxes. The
function of a set-top box is to determine whether an encrypted instance should be decrypted
and, if so, to decrypt it to produce a decrypted instance comprising the information
making up the program. This information is delivered to a television set. Known set top
boxes include decryptors to decrypt the encrypted instance.

Subscribers generally purchase services by the month (though a service may be a one-time
event), and after a subscriber has purchased a service, the service distribution
organization sends the set top box belonging to the subscriber messages required to
provide the authorization information for the purchased services. Authorization
information may be sent with the instance data or may be sent via a separate channel, for
example, via an out-of-band RF link, to a set top box. Various techniques have been
employed to encrypt the authorization information. Authorization information may
include a key for a service of the service distribution organization and an indication of
what programs in the service the subscriber is entitled to watch. If the authorization
information indicates that the subscriber is entitled to watch the program of an encrypted
instance, the set-top box decrypts the encrypted instance.

It will be appreciated that "encryption" and "scrambling" are similar processes and that
"decryption" and "descrambling" are similar processes; a difference is that scrambling
and descrambling are generally analog in nature, while encryption and decryption
processes are usually digital.

The access restrictions are required in both analog and digital systems. In all systems, the
continued technological improvements being used to overcome the access restrictions
require more secure and flexible access restrictions. As more systems switch from an
analog format to a digital format, or a hybrid system containing both analog and digital
formats, flexible access restrictions will be required.

Restricting access to broadcast information is even more important for digital
information. One reason for this is that each copy of digital information is as good as the
original; another is that digital information can be compressed, and consequently, a given
amount of bandwidth carries much more information in digital form; a third is that the
service distribution organizations are adding reverse paths which permit a set-top box to
send a message to the service distribution organization, thereby permitting various
interactive services.
Thus, the service distribution organizations require access restrictions which are both
more secure and more flexible than those in conventional systems.



Brief Description of the Drawing 

FIG. 1 is a block diagram of a conditional access system; 

FIG. 2A is a block diagram of the service instance encryption techniques
disclosed herein;

FIG. 2B is a block diagram of the service instance decryption techniques
disclosed herein;

FIG. 3 is a more detailed block diagram of the service instance encryption and
decryption techniques disclosed herein;

FIG. 4 is a block diagram of the techniques used to dynamically provide
entitlement agents to a DHCT;

FIG. 5 is a block diagram of a digital broadband delivery system in which the
conditional access system is implemented;

FIG. 6 is a block diagram of the conditional access system in the digital 
broadband delivery system of FIG. 5; 

FIG. 7 is a diagram of an MPEG-2 transport stream; 

FIG. 8 is a diagram of how EMMs are mapped into an MPEG-2 transport stream; 
FIG. 9 is a diagram of how EMMs are mapped into an IP packet; 
FIG. 10 is a diagram of how ECMs are mapped into an MPEG-2 transport stream;
FIG. 11 is a detailed diagram of an EMM;

FIG. 12 is a detailed diagram of a preferred embodiment of DHCTSE 627; 
FIG. 13 is a diagram of the contents of memory in DHCTSE 627; 
FIG. 14 is a diagram of how NVSCs are allocated to entitlement agents in a 
preferred embodiment; 

FIG. 15 is a diagram of an EAD NVSC; 
FIG. 16 is a diagram of other kinds of NVSCs; 
FIG. 17 is a diagram of an event NVSC; 

FIG. 18 is a diagram of a global broadcast authenticated message (GBAM); 
FIG. 19 is a detail of the contents of one kind of GBAM; 

FIG. 20 is a diagram showing how GBAMs may be used generally to provide data 
to a client application; 

FIG. 21 is a diagram of a forwarded purchase message; 

FIG. 22 is a diagram of the entitlement unit message in an ECM; 

FIG. 23 is a diagram of a code message; 

FIG. 24 is a diagram showing the relationship between TEDs and the rest of 
conditional access system 601; 

FIG. 25 is a detailed diagram of a TED;
FIG. 26 is an illustration of the coordinate system used for spotlight and blackout; 
FIG. 27 shows how an area is computed in the coordinate system of FIG. 26; 
FIG. 28 is a description of a public key hierarchy; and 

FIG. 29 is a description of an EMM generator according to the present invention. 

The reference numbers in the drawings have at least three digits. The two rightmost digits
are reference numbers within a figure; the remaining digits are the number of the figure in
which the item identified by the reference number first appears. For
example, an item with reference number 203 first appears in FIG. 2.



Detailed Description of a Preferred Embodiment 



The following Detailed Description will first provide a general introduction to a
conditional access system and to encryption and decryption, will then describe how
service instance encoding and decoding is done in a preferred embodiment, and will
thereupon describe the techniques used in the preferred embodiment to authenticate the
ECMs and EMMs of the preferred embodiment. Next, the Detailed Description will
describe how EMMs can be used to dynamically [...] the role of encryption and
authentication in these operations. Finally, there will be a
detailed exposition of how the techniques described in the foregoing are employed in a
broadcast data delivery system with a node structure and a reverse path from the set-top
box to the head end, of how secure processors and memory are employed in the preferred
embodiment to protect keys and entitlement information, and of how certain operations
are performed in the preferred embodiment.

Conditional Access System Overview 
FIG. 1 provides an overview of a system 101 for limiting access to broadcast information.
Such systems will be termed in the following "conditional access systems". A service
distribution organization 103, for example a CATV company or a satellite television company,
provides its subscribers with information from a number of services, that is, collections of
certain kinds of information. For example, the History Channel is a service that provides
television programs about history. Each program provided by the History Channel is an
"instance" of that service. When the service distribution organization broadcasts an instance
of the service, it encrypts or scrambles the instance to form encrypted instance
105. Encrypted instance 105 contains instance data 109, which is the encrypted
information making up the program, and entitlement control messages (ECM) 107. The
entitlement control messages contain information needed to decrypt the encrypted portion
of the associated instance data 109. A given entitlement control message is sent many
times per second, so that it is immediately available to any new viewer of a service. In
order to make decryption of instance data 109 even more difficult for pirates, the content
of the entitlement control message is changed every few seconds, or more frequently.

Encrypted instance 105 is broadcast over a transmission medium 112. The medium may
be wireless or it may be "wired", that is, provided via a wire, a coaxial cable, or a fiber
optic cable. It is received in a large number of set top boxes 113(0 ... n), each of which is
attached to a television set. It is a function of set-top box 113 to determine whether
encrypted instance 105 should be decrypted and if so, to decrypt it to produce decrypted
instance 123, which is delivered to the television set. As shown in detail with regard to set
top box 113(0), set top box 113 includes decryptor 115, which uses a control word 117 as
a key to decrypt encrypted instance 105. Control word 117 is produced by control word
generator 119 from information contained in entitlement control message 107 and
information from authorization information 121 stored in set-top box 113. For example,
authorization information 121 may include a key for the service and an indication of what
programs in the service the subscriber is entitled to watch. If the authorization
information 121 indicates that the subscriber is entitled to watch the program of encrypted
instance 105, control word generator 119 uses the key together with information from
ECM 107 to generate control word 117. Of course, a new control word is generated for
each new ECM 107.

The authorization information used in a particular set top box 113(i) is obtained from one
or more entitlement management messages 111 addressed to set top box 113(i).
Subscribers generally purchase services by the month (though a service may be a one-time
event), and after a subscriber has purchased a service, service distribution
organization 103 sends set top box 113(i) belonging to the subscriber entitlement
management messages 111 as required to provide the authorization information 121
required for the purchased services. Entitlement management messages (EMMs) may be
sent interleaved with instance data 109 in the same fashion as ECMs 107, or they may be
sent via a separate channel, for example via an out-of-band RF link, to set top box 113(i),
which stores the information from the entitlement management message (EMM) 111 in
authorization information 121. Of course, various techniques have been employed to
encrypt entitlement management messages 111.

Encryption and Decryption Generally 

The encryption and decryption techniques used for service instance encoding and
decoding belong to two general classes: symmetrical key techniques and public key
techniques. A symmetrical key encryption system is one in which each of the entities
wishing to communicate has a copy of a key; the sending entity encrypts the message
using its copy of the key and the receiving entity decrypts the message using its copy of
the key. An example symmetrical key encryption-decryption system is the Digital
Encryption Standard (DES) system. A public key encryption system is one in which each
of the entities wishing to communicate has its own public key-private key pair. A
message encrypted with the public key can only be decrypted with the private key and
vice-versa. Thus, as long as a given entity keeps its private key secret, it can provide its
public key to any other entity that wishes to communicate with it. The other entity simply
encrypts the message it wishes to send to the given entity with the given entity's public
key and the given entity uses its private key to decrypt the message. Where entities are
exchanging messages using public key encryption, each entity must have the other's
public key. The private key can also be used in digital signature operations, to provide
authentication. For details on encryption generally and symmetrical key and public key
encryption in particular, see Bruce Schneier, Applied Cryptography, John Wiley and
Sons, New York, 1994.

The design of an encryption system for a given application involves a number of 
considerations. As will be seen in the following, considerations that are particularly 
important in the broadcast message environment include the following:

• key security: A symmetrical key system is useless if a third party has access
to the key shared by the communicating parties, and a public key system is
also useless if someone other than the owner of a given public key has access
to the corresponding private key.

• key certification: how can the recipient of a key be sure that the key he or she 
has received is really a key belonging to the entity to which the recipient 
wishes to send an encrypted message and not a key belonging to another entity 
which wishes to intercept the message? 

• message authentication: how can the recipient of a message be sure that the 
message is from the party it claims to be from, and/or that the message has not 
been altered? 

• speed of encryption and decryption: in general, symmetrical key encryption
systems are faster than public key encryption systems and are preferred for use
with real-time data.

• key size: in general, the longer the key used in an encryption system, the more 
resources will be required to break the encryption and thereby gain access to 
the message. 

All of the foregoing considerations are influenced by the fact that the environment in 
which a conditional access system operates must be presumed to be hostile. Many 
customers of broadcast services see nothing wrong with cheating the service provider and 
have nothing against tampering physically with the portion of the conditional access 
system that is contained in the receiver or using various cryptographic attacks to steal 
keys or to deceive the receiver about the source of the messages it receives. Moreover, 
the providers of the systems that actually broadcast the services do not necessarily have 
the same interests as the providers of the service content, and therefore need to control not 
only who can access a given instance of a service, but also what entities can offer services 
to a given receiver. 

Service Instance Encryption and Decryption: FIGs. 2A and 2B

In overview, the encryption system of the present invention uses symmetrical key
encryption techniques to encrypt and decrypt the service instance and public key
encryption techniques to transport a copy of one of the keys used in the symmetrical key
techniques from the service provider to the set-top box.

In FIG. 2A, clear services such as the elementary digital bit streams which comprise
MPEG-2 programs are sent through a 1st level encryption called the Program Encrypt
function 201, which is preferably a symmetric cipher such as the well-known DES
algorithm. Each elementary stream may be individually encrypted and the resulting
encrypted streams are sent to MUX 200 to be combined with other elementary streams
and private data, such as conditional access data. The key used in the Program Encrypt
function 201 is called the Control Word (CW) 202. The CW 202 is generated by Control
Word Generator 203, which can be either a physically random number generator or can use
a sequential counter with a suitable randomization algorithm to produce a stream of
random CWs. A new CW is generated frequently, perhaps once every few seconds, and is
applied to each elementary stream on the same time scale. Each new CW is encrypted by
Control Word Encrypt & Message Authenticate function 204 using a Multi-Session Key
(MSK) 208 provided by Multi-Session Key generator 205. The CW is then combined into
an ECM 107 with other service-related information. The ECM 107 is authenticated by
Control Word Encrypt & Message Authenticate function 204, which produces a message
authentication code using a keyed-hash value derived from the message content combined
with a secret which can be shared with the receiving set-top box 113. This secret is
preferably part or all of the MSK 208. The message authentication code is appended to
the rest of the ECM 107. The CW 202 is always encrypted before being sent along with
the other parts of the ECM to MUX 200. This encryption is preferably a symmetric
cipher such as the Triple-DES algorithm using two distinct 56-bit keys (which taken
together comprise MSK 208).

The MSK 208 has a longer lifetime than CW 202. The MSK lifetime is typically hours to
days in length. MSK 208 is both encrypted and digitally signed by MSK Encrypt &
Digital Signature function 206 before being sent to MUX 200 encapsulated in EMM 111.
MSK 208 and other parts of EMM 111 are preferably encrypted using a public key
algorithm, such as the well-known RSA algorithm, with a public key associated with the
specific set-top box 113 to which the EMM is addressed. The public keys of all set-top
boxes 113 in a system 101 are stored in Public Key Data Base 207. The public keys in
this data base are preferably certified by a certificate authority. The digital signature
function in 206 is preferably the RSA digital signature method, although others could be
used. In the case of an RSA digital signature, the private key which is used to make the
signature belongs to the entitlement agent within service distribution organization 103
responsible for authorizing the associated service.

In FIG. 2B, the corresponding DHCT private key and associated DHCT public secure
micro serial number are stored in memory 232 of decoder 240. Public secure micro serial
number is provided so that demultiplexer 230 can select an encrypted multi-session key
addressed to decoder 240 from transport data stream (TDS). Encrypted multi-session key
E_Kpr(MSK) is decrypted in decryptor 234 using DHCT private key from memory 232 to
provide multi-session key MSK. Demultiplexer 230 also selects from transport data
stream TDS encrypted control word (CW) E_MSK(CW). The encrypted CW is processed in
decryptor 236 using multi-session key MSK as the decryption key to provide the
unencrypted CW. The unencrypted CW preferably changes at a high rate, for example,
once every few seconds. Demultiplexer 230 also selects from transport data stream TDS
encrypted service E_CW(SERVICE). The encrypted service is processed in decryptor 238
using the CW as the decryption key to recover the unencrypted service.

Detailed Implementation of the Encryption System of FIG. 2: FIG. 3 

FIG. 3 presents more details about a preferred implementation of the system of FIG. 2.
Encryption/decryption system 301 has two main components: service origination
component 305 and service reception component 333. The two are connected by a
transmission medium 331, which may be any medium which will carry a message from
service origination component 305 to service reception component 333. Service reception
component 333 is implemented in a set-top box, termed hereinafter a digital home
communications terminal (DHCT). It may, however, be implemented in any device which
has the necessary computation power, for example, a personal computer or work station
or an "intelligent" television set. In the service origination component, at least the portion
labeled 306 is typically implemented in equipment located at the head end of a
broadcasting system such as a cable television (CATV) or satellite TV system. In some
embodiments, however, the head end may be provided with already-encrypted instances
of the service. The remaining portion 308 may also be located at the head end, but may
also be located anywhere which has access of some kind to head end 306 and service
reception component 333. The latter is particularly the case if the EMMs are sent out of
band, for example by way of a wide-area network such as the Internet. Also, the
transmission medium may be storage media, where the service origination point is the
manufacturer of the media, and the service reception component may be the element
which reads the storage media. For example, the transmission medium can be a CD-ROM,
DVD, floppy disk, or any other medium that can be transferred, physically,
electronically, or otherwise.

Beginning with service origination portion 305, random number generator 307 is used to
generate MSK 309. Next, an EMM 315 containing MSK 309 and related information is
produced. EMM 315 also includes a sealed digest. The sealed digest has two purposes:
to ensure that the information placed in EMM 315 by service origination 305 is the same
information that arrives at DHCT 333 and to ensure that the information has in fact come
from an entity which is empowered to give access to the service.

The sealed digest is made in two stages: first, a digest of the EMM's contents (here MSK
309 and the related information) is made by hashing the contents in a secure one-way
hash function to produce a relatively short bit string. The secure one-way hash function
has three properties:

• the contents that were hashed to produce the short bit string cannot be
determined from the short bit string; and

• any change in what is hashed produces a change in the short bit string; and

• it is computationally infeasible to construct a different message which
produces the same short bit string as the EMM.

The short bit string output of the hash function can thus be used to determine whether the
contents of the EMM have changed in transit without disclosing those contents. The
preferred embodiment uses the Message Digest 5 one-way hash function, as indicated by
the notation MD5. For details on one-way hash functions, see the Schneier reference,
supra. The digest is a sealed digest because it is encrypted with a private key SP Kr 310
belonging to the entitlement agent (EA) that has the right to give the DHCT access to the
service for which the MSK is used to produce the key. Before the sealed digest can be
used to check whether the EMM was transmitted correctly, it must be decrypted using the
entitlement agent's public key. The sealed digest thus confirms to the DHCT both that
the contents of the EMM have been transmitted correctly and that the source of the EMM
is the entitlement agent.

Once the sealed digest is made, the contents of the EMM (here, MSK 309 and the related
information) are encrypted with the public key DHCT Ku 312 of the DHCT 333 to which
EMM 315 is addressed and EMM 315, containing the encrypted contents and the sealed
digest, is sent via transmission medium 331 to the DHCT 333. In the following, the
notation Kr is used to indicate a private key and Ku is used to indicate a public key. The
notation RSA indicates that the encryption is done using the well-known RSA public key
encryption algorithm.

As shown in DHCT 333, EMM 315 can only be decrypted by the DHCT 333 whose
private key 337 (DHCT Kr) corresponds to the public key used to encrypt EMM 315.
DHCT 333 decrypts EMM 315 and uses the sealed digest to determine whether the EMM
315 was correctly transmitted. The determination is made by using public key SP Ku 335
for the entitlement agent to decrypt the sealed digest. Then the contents of EMM 315 are
hashed using the same secure one-way hash function that was used to make the digest. If
the results of this hash are identical to the decrypted sealed digest, the determination
succeeds. The check with the sealed digest will fail if the transmission to the DHCT 333
was corrupted in transit, if DHCT 333 does not have the private key corresponding to the
public key used to encrypt the EMM (i.e., is not the DHCT 333 for which EMM 315 was
intended), or if DHCT 333 does not have public key 335 (SP Ku) corresponding to the
private key of the EA that was used to make the sealed digest. The latter will be the case
if that DHCT 333 has not been given access to services provided by the entitlement agent.
EMMs 315 addressed to DHCT 333 are sent repeatedly; consequently, if the problem was
corruption in transit, an uncorrupted EMM 315 will be received shortly and the
determination will succeed. How DHCT 333 comes to have SP Ku 335 needed to decrypt
the sealed digest will be explained in more detail later.
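
The sealed-digest exchange described above, as an added example that is not code from the patent: the sender hashes the EMM contents with MD5, seals the digest with the entitlement agent's private key and encrypts the contents to the DHCT's public key, and the receiver accepts the EMM only if the unsealed digest matches its own hash. The key pairs (unpadded textbook RSA built from Mersenne primes), the one-byte framing prefix and the sample contents are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent used for every constructed key pair


def make_keypair(p, q):
    """Textbook RSA key pair (public, private) from two primes; no padding, demo only."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return {"n": n, "e": E}, {"n": n, "d": d}


# Constructed keys (assumption): Mersenne primes keep the example offline and deterministic.
EA_KU, EA_KR = make_keypair(2**127 - 1, 2**107 - 1)           # entitlement agent: SP Ku / SP Kr
OTHER_EA_KU, OTHER_EA_KR = make_keypair(2**89 - 1, 2**61 - 1)  # a second, unrelated agent
DHCT_KU, DHCT_KR = make_keypair(2**521 - 1, 2**607 - 1)       # addressed DHCT: DHCT Ku / DHCT Kr
OTHER_DHCT_KU, OTHER_DHCT_KR = make_keypair(2**1279 - 1, 2**2203 - 1)  # some other DHCT


def md5_int(data):
    """MD5 digest of data as an integer, so it can be sealed with RSA."""
    return int.from_bytes(hashlib.md5(data).digest(), "big")


def build_emm(contents, ea_private, dhct_public):
    """Origination side: seal the digest, then encrypt the contents to one DHCT."""
    sealed_digest = pow(md5_int(contents), ea_private["d"], ea_private["n"])
    # Framing assumption: a leading 0x01 byte preserves leading zero bytes of the contents.
    m = int.from_bytes(b"\x01" + contents, "big")
    if m >= dhct_public["n"]:
        raise ValueError("contents too long for this modulus")
    return {"encrypted_contents": pow(m, dhct_public["e"], dhct_public["n"]),
            "sealed_digest": sealed_digest}


def receive_emm(emm, dhct_private, ea_public):
    """DHCT side: return the contents if the sealed digest checks out, else None."""
    m = pow(emm["encrypted_contents"], dhct_private["d"], dhct_private["n"])
    contents = m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]
    unsealed = pow(emm["sealed_digest"], ea_public["e"], ea_public["n"])
    return contents if unsealed == md5_int(contents) else None


def first_valid(emm_stream, dhct_private, ea_public):
    """EMMs are sent repeatedly: skip copies that fail the check, keep the first good one."""
    for emm in emm_stream:
        contents = receive_emm(emm, dhct_private, ea_public)
        if contents is not None:
            return contents
    return None


# Constructed sample contents: a 16-byte MSK followed by related information.
MSK = bytes.fromhex("0123456789abcdeffedcba9876543210")
CONTENTS = MSK + b"service=42"


def demo():
    emm = build_emm(CONTENTS, EA_KR, DHCT_KU)
    corrupted = dict(emm, encrypted_contents=emm["encrypted_contents"] ^ 1)  # bit flip in transit
    other_seal = build_emm(CONTENTS, OTHER_EA_KR, DHCT_KU)  # sealed by an agent this DHCT lacks
    return {
        "intended_dhct": receive_emm(emm, DHCT_KR, EA_KU),
        "corrupted_in_transit": receive_emm(corrupted, DHCT_KR, EA_KU),
        "wrong_dhct": receive_emm(emm, OTHER_DHCT_KR, EA_KU),
        "dhct_lacks_ea_key": receive_emm(emm, DHCT_KR, OTHER_EA_KU),
        "sealed_by_other_agent": receive_emm(other_seal, DHCT_KR, EA_KU),
        "retransmission": first_valid([corrupted, emm], DHCT_KR, EA_KU),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:24s} {'accepted' if result is not None else 'rejected'}")
```
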

The next stage in service origination 305 is generating control word 319 used to actually
encrypt service instance 325 and generating the ECM 323 which carries the information
needed to decrypt the service instance to DHCT 333. The control word 319 is generated
by random number generator 317. This can be a true random number generator whose
output is the result of some basic underlying random physical process, or some other
means, for example, the result of encrypting a value, called a "counter" (which increments
by one after each use), with 3DES using the MSK as the key. In the case of a true random
number, the encrypted control word is transmitted in the ECM. In the case of the
counter-based control word generation, the clear version of the "counter" is used in the
ECM. As mentioned above, the control word is a short-term key, i.e., it has a life time of a
few seconds or less. Included in the ECM 323 is a digest of the contents plus the MSK
which is made using the MD5 one-way hash just described. The inclusion of the MSK in
making the digest gives the entitlement agent to which the ECM 323 belongs a shared
secret with the DHCTs 333 that are entitled to receive service instances from [...]
of ECMs 323 from a source other than the entitlement agent. As will be seen in more
detail later, the preferred embodiment uses the shared secret technique generally to
authenticate messages which contain [...]

ECM 323 is sent together with encrypted content 329 to DHCT 333. The first ECM 323
for a given portion of encrypted content 329 must of course arrive at DHCT 333 before
the encrypted content does. In the preferred embodiment, content 325 and ECM 323 are
encoded according to the MPEG-2 standard. The standard provides for a transport stream
which includes a number of component streams. Some of these carry content 329,
another carries the ECMs 323, and a third carries the EMMs 315. Only the [...]
ECMs 323 and the contents of EMMs 315 have already been encrypted, no further
encryption is needed when they are sent in the MPEG-2 transport stream. The manner in
which EMMs and ECMs are transported in the MPEG-2 transport stream will be
described in more detail later.



When an ECM 323 is received in DHCT 333, control word 319 is either decrypted or
found by encrypting the counter value at 343 using the MSK. The integrity of the
contents of the ECM 323 is checked by comparing the value resulting from hashing the
contents plus some or all of the MSK (based on cryptographic principles) in the one-way
hash function with the message digest contained in ECM 323. Included in the contents
are control word 319 and information identifying the service instance 325 which ECM
323 accompanies. The identifying information is used together with the authorization
information received with EMM 315 to determine whether DHCT 333 is authorized to
receive the service instance 325. If it is, control word 319 is used in service decryptor 347
to decrypt encrypted content to produce original content 325.
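
The ECM check described above, as an added example that is not code from the patent: the digest is MD5 over the ECM contents plus the MSK, so a sender without the MSK cannot produce an ECM that verifies, and the counter is released only when the digest matches and the service is entitled. The ECM byte layout, the MSK values and the service numbers are constructed; the 3DES step that turns the counter into the control word is left out.

```python
import hashlib
import hmac

DIGEST_LEN = 16   # MD5 output size in bytes
CONTENT_LEN = 10  # assumed layout: 2-byte service id + 8-byte clear counter


def keyed_digest(contents, msk):
    """Digest of the contents plus the MSK; the MSK is hashed but never transmitted."""
    return hashlib.md5(contents + msk).digest()


def build_ecm(service_id, counter, msk):
    """Entitlement agent side: contents followed by the keyed digest."""
    contents = service_id.to_bytes(2, "big") + counter.to_bytes(8, "big")
    return contents + keyed_digest(contents, msk)


def process_ecm(ecm, msk, entitled_services):
    """DHCT side: return (decision, counter); the counter is released only on 'accept'."""
    if len(ecm) != CONTENT_LEN + DIGEST_LEN:
        return ("reject: malformed", None)
    contents, digest = ecm[:CONTENT_LEN], ecm[CONTENT_LEN:]
    # compare_digest gives a constant-time comparison; the digest is the page's keyed MD5.
    if not hmac.compare_digest(digest, keyed_digest(contents, msk)):
        return ("reject: digest mismatch", None)
    service_id = int.from_bytes(contents[:2], "big")
    # Authorization information (from the EMM) must agree with the ECM's service id.
    if service_id not in entitled_services:
        return ("reject: not entitled", None)
    return ("accept", int.from_bytes(contents[2:], "big"))


# Constructed sample values.
MSK = bytes.fromhex("0123456789abcdeffedcba9876543210")
OLD_MSK = bytes.fromhex("00112233445566778899aabbccddeeff")
ENTITLED = {0x0042}


def demo():
    genuine = build_ecm(0x0042, 7, MSK)
    contents = genuine[:CONTENT_LEN]
    unkeyed = contents + hashlib.md5(contents).digest()  # sender that does not know the MSK
    other_service = build_ecm(0x0043, 7, MSK)            # authentic, but not purchased
    relabelled = (0x0042).to_bytes(2, "big") + other_service[2:]  # service id altered in transit
    return {
        "genuine": process_ecm(genuine, MSK, ENTITLED),
        "spoofed_without_msk": process_ecm(unkeyed, MSK, ENTITLED),
        "made_under_old_msk": process_ecm(build_ecm(0x0042, 7, OLD_MSK), MSK, ENTITLED),
        "relabelled_service": process_ecm(relabelled, MSK, ENTITLED),
        "not_entitled": process_ecm(other_service, MSK, ENTITLED),
        "truncated": process_ecm(genuine[:-1], MSK, ENTITLED),
    }


if __name__ == "__main__":
    for case, (decision, counter) in demo().items():
        print(f"{case:22s} {decision} counter={counter}")
```
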

System 301 offers a number of advantages with regard to security. It takes advantage of 
the speed of symmetrical encryption systems where that is needed to decrypt encrypted 
content 329 and the control word in ECM 323. The control word is protected by 
encrypting it using the MSK, and ECM 323 is authenticated by using some or all of MSK 
309 as a shared secret between the entitlement agent and DHCT 333. MSK 309 is 
protected in tum by the fact that it is sent in an EMM which is encrypted using the 
DHCT's public key and by the fact that the EMM includes a sealed digest which is 
encrypted using the entitlement agent's private key. Further security is provided by the 
fact that service identification information from ECM 323 must agree with the 
authorization information received in EMM 315 before control word 319 is provided to 
service decryptor 347. For example, as described in detail in the Banker and Akins parent 
patent application supra, one use of the information in ECM 323 and EMM 315 is to
prevent what are termed "replay attacks" on the encrypted services. In addition to being 
secure, system 301 is flexible. The authorization information contained in EMM 315 and 
the service identification information contained in ECM 323 together permit a wide range 
of access to service instances received in DHCT 333. 

Dynamic Provision of Multiple Entitlement Agents in DHCT 333: FIG. 4

... EMM 315 unless it has a public key for the entitlement agent that has the power to give
entitlements to use the service decrypted by the MSK in EMM 315. This is part of a
broader arrangement which makes it possible to provide DHCT 333 ... entitlement agents
... authority (CAA). The arrangement further permits, once entitlement agents have been
...

All of the information needed to perform these operations is sent via EMMs, with
the sealed digests being used to ensure that only the CAA may add or remove entitlement
agents and only the entitlement agent to which authorization information belongs
may modify the authorization information.

The above arrangement has a number of advantages: 

• It permits multiple entitlement agents. 

• It permits dynamic addition and removal of entitlement agents.

• It places limits on the services to which an entitlement agent may grant
entitlements, but otherwise permits entitlement agents to manage their own
authorization information.

• It separates the business of providing entitlements to services and service
instances from the business of actually providing instances of the service;
consequently, a CATV operator may simply function as a distribution utility.

• It separates the business of giving an entity the right to be an entitlement agent
from the business of being an entitlement agent.

• It provides an easy way of permitting a customer to change entitlement agents
as he or she sees fit.

• It provides a secure arrangement whereby a DHCT 333 may communicate by
means of a reverse path with an entitlement agent, a conditional access
authority, or potentially the provider of the instances of the service.

FIG. 4 shows how the arrangement is implemented in a preferred embodiment. FIG. 4 is
best understood as an extension of FIG. 3. Both FIG. 4 and FIG. 3 have the same major
components: service origination 305, DHCT 333, and transmission medium 331 for
coupling the two. Further, encryptor 313 and decryptor 339 are used in both figures.
Moreover, as indicated by reference number 308, the EMMs may be either sent together
with a service instance or by another channel. FIG. 4 further shows an additional
component of DHCT 333, namely EMM manager 407. EMM manager 407 is
implemented in software executed in a secure processor in DHCT 333. The task of EMM 
manager 407 is to respond to EMMs which add or remove entitlement agents and to 
EMMs which modify the authorizations for an entitlement agent. EMM manager 407 
further provides messages by means of which DHCT 333 may communicate with an 
entitlement agent or a conditional access authority. 

Initially, EMMs that modify an entitlement agent's authorization information are made in 
response to modification information 403 provided by the entitlement agent or required 
by the network operator. As shown at 313, the modification information is encrypted
using the public key 312 for DHCT 333 and has a sealed digest that is encrypted using the
private key 310 for the entitlement agent. The resulting authorization modification EMM
405 is sent via transmission medium 331 to decryptor 339 in DHCT 333, where it is
decrypted and checked in the manner described above for EMMs 315 containing an MSK.
The EA modification information 403 contained in the EMM goes, however, to EMM 
manager 407, which uses the information to modify the authorization information for the 
entitlement agent in DHCT 333. Examples of modifications include adding or canceling 
services provided by the entitlement authority and changing the conditions under which 
access to instances of a given service will be granted. 

As indicated above, the sealed digest is encrypted using the private key of the entitlement 
agent. Consequently, the validity of the EMM can only be determined if DHCT 333 has 
the entitlement agent's public key. The public key for an entitlement agent is provided to
DHCT 333 by an EA allocation EMM 413 from a conditional access authority. EMM
413 contains entitlement agent allocation information 409 from the conditional access
authority; at a minimum, entitlement agent allocation information 409 contains the public
key for the entitlement agent; it may also contain information about the amount of
memory an entitlement agent may have in DHCT 333 and about classes of service that an
entitlement agent may offer. For example, the entitlement agent may not be permitted to
offer interactive services. Information 409 is encrypted with the public key 312 of DHCT
333, and the sealed digest is encrypted with private key 411 of the conditional access
authority.

In DHCT 333, EMM 413 is decrypted using private key 337 belonging to DHCT 333 and
the sealed digest is decrypted using CAA public key 415. If the digest confirms the
correctness of the contents of the EMM, EMM manager 407 allocates storage for the
entitlement agent whose public key is contained in EMM 413. That done, EMM manager
407 places the entitlement agent's public key in the storage. The storage provides a place
to store the entitlement agent's public key, the authorization information for the services
and service instances provided by the entitlement agent, and the MSKs provided by the
entitlement agent. Once DHCT 333 has the entitlement agent's public key and storage for
the entitlement agent's authorization information and MSK, EMM manager 407 can
respond to EMMs from the entitlement agent. Of course, in order to decrypt the sealed
digest, DHCT 333 must have public key 415 for the conditional access authority. As will
be explained in more detail later on, in a preferred embodiment, public key 415 and the
public and private keys for DHCT 333 are installed in DHCT 333 at the time that DHCT
333 is manufactured.

When a customer orders a service, the arrangements just described interact as follows:

1. If the service is provided by an entitlement agent for which the customer's DHCT
333 does not have the public key, the conditional access authority must first send
EA allocation EMM 413 to DHCT 333; EMM manager 407 responds by
allocating storage for the entitlement agent. Only the conditional access authority
can send EA allocation EMM 413, and consequently, the conditional access
authority (CAA) can control access by entitlement agents to customers of a
particular service distribution organization.

2. If DHCT 333 has the entitlement agent's public key, either because step (1) has
just been performed or was performed at some time in the past, the entitlement 
agent sends modification EMM 405 with the authorization information for the 
newly-ordered service or service instance to DHCT 333. EMM manager 407 
responds thereto by storing the authorization information in the allocated space. 

3. Once step (3) is done, DHCT 333 can receive EMM 315 with the MSK for the
service from the entitlement agent. EMM manager 407 stores the MSK in the 
allocated space. 

4. When the actual service instance is sent, it is accompanied by ECMs containing 
the current control word. The MSK is used to decrypt the ECMs and the control 
words obtained from the ECMs are used to decrypt the instance of the service. 

The above use of EMMs and ECMs to control access to instances of a service thus 
guarantees that no entitlement agent will have access to DHCT 333 without permission of 
the conditional access authority and that no DHCT 333 will have access to an instance of 
a service without permission of the entitlement agent for the service. It also makes it 
possible for the entitlement agent to be in complete control of the service. Access to the 
service is defined by the EMMs 405 and 315, and these may be sent by the entitlement
agent to DHCT 333 independently of the service distribution organization. Further, it is
the entitlement agent which provides the MSK used to generate control words and decrypt
the ECM to both the service distribution organization and DHCT 333. Indeed, if the
entitlement agent wishes to do so, it can itself provide encrypted instances of the services
to the service distribution organization, which, in such a case, merely functions as a
conduit between the entitlement agent and DHCT 333. 
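
The message sequence above can be modelled in a few lines. The following Python sketch is an added example, not code from the patent: the toy RSA keys, the JSON message bodies and all field names are assumptions, SHA-256 stands in for the unspecified digest, and the public-key encryption of each EMM for DHCT 333 is omitted so that only the sealed-digest checks are shown.

```python
import hashlib
import json

E = 65537  # public exponent used by every toy key below


def make_key(p_exp, q_exp):
    """Toy RSA key from two Mersenne primes (illustration only, not a secure choice)."""
    p, q = 2 ** p_exp - 1, 2 ** q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest_int(body):
    """Digest of the EMM body as an integer (SHA-256 assumed)."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def make_emm(body, priv):
    """Sender side: attach a sealed digest made with the sender's private key."""
    return {"body": body, "seal": pow(digest_int(body), priv["d"], priv["n"])}


def seal_ok(emm, pub_n):
    """Receiver side: open the sealed digest with the public key and compare."""
    return pow(emm["seal"], E, pub_n) == digest_int(emm["body"])


class EMMManager:
    """Hypothetical model of the EMM manager inside the DHCT secure element."""

    def __init__(self, caa_pub_n):
        self.caa_pub_n = caa_pub_n  # CAA public key, installed at manufacture
        self.agents = {}            # ea_id -> storage allocated for that agent

    def handle(self, emm):
        body = emm["body"]
        if body["type"] == "ea_alloc":            # step 1: only the CAA may do this
            if not seal_ok(emm, self.caa_pub_n):
                return "rejected: not sealed by CAA"
            self.agents[body["ea_id"]] = {"pub_n": body["ea_pub_n"],
                                          "classes": set(body["classes"]),
                                          "services": set(), "msk": {}}
            return "allocated"
        agent = self.agents.get(body["ea_id"])
        if agent is None:
            return "rejected: unknown entitlement agent"
        if not seal_ok(emm, agent["pub_n"]):
            return "rejected: not sealed by this entitlement agent"
        if body["type"] == "ea_modify":           # step 2: EA adds an authorization
            if body["service_class"] not in agent["classes"]:
                return "rejected: service class not granted by CAA"
            agent["services"].add(body["service_id"])
            return "authorized"
        if body["type"] == "msk":                 # step 3: EA delivers the MSK
            agent["msk"][body["service_id"]] = bytes.fromhex(body["msk_hex"])
            return "msk stored"
        return "rejected: unknown EMM type"


# Constructed keys for the example.
CAA_KEY = make_key(127, 521)
EA_KEY = make_key(107, 607)
ROGUE_KEY = make_key(89, 1279)


def run_flow():
    """Replay the customer-order sequence, including messages that must be refused."""
    dhct = EMMManager(CAA_KEY["n"])
    alloc = {"type": "ea_alloc", "ea_id": 7, "ea_pub_n": EA_KEY["n"],
             "classes": ["broadcast"]}
    order = {"type": "ea_modify", "ea_id": 7, "service_id": 101,
             "service_class": "broadcast"}
    inter = {"type": "ea_modify", "ea_id": 7, "service_id": 202,
             "service_class": "interactive"}
    msk = {"type": "msk", "ea_id": 7, "service_id": 101,
           "msk_hex": "00112233445566778899aabbccddeeff"}
    results = [
        dhct.handle(make_emm(order, EA_KEY)),      # EA not yet allocated
        dhct.handle(make_emm(alloc, ROGUE_KEY)),   # allocation not from the CAA
        dhct.handle(make_emm(alloc, CAA_KEY)),     # step 1
        dhct.handle(make_emm(order, ROGUE_KEY)),   # modification not from the EA
        dhct.handle(make_emm(inter, EA_KEY)),      # outside the class limits
        dhct.handle(make_emm(order, EA_KEY)),      # step 2
        dhct.handle(make_emm(msk, EA_KEY)),        # step 3
    ]
    return results, dhct.agents[7]
```

Every refusal happens before any stored state changes, which is the property the text relies on when it says no entitlement agent gains access to DHCT 333 without the conditional access authority.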

Secure Transmission of Messages via the Reverse Path

FIG. 4 also shows how the techniques used to ensure the security of EMMs are also used 
to ensure the security of messages sent from DHCT 333. The example shown in FIG. 4 is 
a forwarded purchase message (FPM). The forwarded purchase message is used for the 
interactive purchase of an instance of a service. One example of such a purchase is what 
is called impulse pay-per-view, or IPPV. In such a system, the beginning of an event, for 
example, a baseball game, is broadcast generally and customers can decide whether they 
want to see all of it. In that case, they must provide input to DHCT 333 ... indicates
... FPM and sending it to the entitlement agent so the entitlement agent can charge the
customer for the event and send an EMM 315 confirming that DHCT 333 may continue
to decrypt the event. The information needed by the entitlement agent is forwarded
entitlement information 417; to ensure the privacy of the customer, this information is
encrypted using the 3DES algorithm with a key 420, as shown at 343, to produce
encrypted forwarded entitlement information 419. The key 420 is composed of two 56-bit
DES keys. The 3DES encryption operation is a sequence of three DES operations:
encryption using the first DES key, decryption using the second DES key and encryption
using the first DES key. Then key 420 is encrypted using the public key 335 of the
entitlement agent and the sealed digest is made using the private key of DHCT 333. All
of these parts together make up forwarded purchase message 421, which is addressed to
the entitlement agent.

... 310, and the sealed digest is decrypted using the public key 312 of the DHCT. If the
Encrypted Forwarded Entitlement Information (EFEI) 419 contained in the FPM 421 is
determined not to have been tampered with, it is passed to 3DES decryption 443, which
decrypts it using key 420 and provides forwarded entitlement information 417 to the
entitlement agent. As will be immediately apparent, the ... 3DES encryption of the
contents of the message, can be used to send messages to any
entity for which DHCT 333 has the public key. At a minimum, this includes the CAA
and any entitlement agent which has been allocated memory in DHCT 333.

Authentication of Global Broadcast Messages 

A global broadcast message is one which is not addressed to any individual DHCT 333 or
to any group of DHCTs 333. In a preferred embodiment, global broadcast messages
accompany instances of services and contain information that is relevant to the instance
they accompany. Consequently, the encryption and authentication techniques used in the
global broadcast messages must permit rapid decryption and authenticity checking. One
example of a global broadcast message is the ECM. Other examples are the different
types of global broadcast authenticated messages, or GBAMs. As with ECMs, it is
necessary to prevent global broadcast messages from being spoofed, and it is done in the 
same fashion as with the ECMs. More specifically, the digest is made using some or all 
of the MSK together with the content of the global broadcast message. The MSK thus 
functions as a shared secret between the entitlement agent and DHCT 333. When EMM 
manager 407 receives the global message, it makes a digest using the contents of the 
received message and the MSK and responds to the received message only if the digest 
agrees with the one contained in the message. An advantage of using a digest made with 
the MSK to authenticate the global broadcast message is that the digest may be both made 
and checked very quickly. 
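
The keyed-digest check described earlier for ECM 323 and here for global broadcast messages, together with the entitlement test that gates release of the control word, can be sketched as follows. This is an added example, not code from the patent: SHA-256 stands in for the unspecified one-way hash, an XOR pad derived from the MSK stands in for the 3DES step, and the message fields and sample values are constructed.

```python
import hashlib
import hmac


def keyed_digest(content, msk):
    """One-way hash over the message content plus the MSK (SHA-256 assumed)."""
    return hashlib.sha256(content + msk).digest()


def xor_pad(data, msk, service_id):
    """Stand-in for the 3DES step under the MSK: XOR with an MSK-derived pad."""
    pad = hashlib.sha256(b"cw-pad" + msk + service_id.to_bytes(2, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def build_ecm(msk, service_id, control_word):
    """Head-end side: protect the control word and digest the clear contents."""
    content = service_id.to_bytes(2, "big") + control_word
    return {"service_id": service_id,
            "enc_cw": xor_pad(control_word, msk, service_id),
            "digest": keyed_digest(content, msk)}


def build_broadcast(msk, content):
    """Head-end side: a global broadcast message carrying its keyed digest."""
    return {"content": content, "digest": keyed_digest(content, msk)}


class SecureElement:
    """Hypothetical receiver holding the MSK and the stored entitlements."""

    def __init__(self, msk, entitled_services):
        self._msk = msk
        self._entitled = set(entitled_services)

    def check_broadcast(self, msg):
        expected = keyed_digest(msg["content"], self._msk)
        return hmac.compare_digest(expected, msg["digest"])  # constant-time compare

    def process_ecm(self, ecm):
        """Return (control_word, "ok"), or (None, reason) without releasing anything."""
        cw = xor_pad(ecm["enc_cw"], self._msk, ecm["service_id"])
        content = ecm["service_id"].to_bytes(2, "big") + cw
        if not hmac.compare_digest(keyed_digest(content, self._msk), ecm["digest"]):
            return None, "digest mismatch"
        if ecm["service_id"] not in self._entitled:
            return None, "not entitled"
        return cw, "ok"


# Constructed sample values.
MSK = bytes.fromhex("00112233445566778899aabbccddeeff")
CONTROL_WORD = bytes.fromhex("0123456789abcdef")


def demo():
    """Run authentic, altered and unentitled messages through the checks."""
    se = SecureElement(MSK, entitled_services={101})
    good = build_ecm(MSK, 101, CONTROL_WORD)
    relabelled = dict(good, service_id=202)               # contents altered in transit
    spoofed = build_ecm(b"\x00" * 16, 101, CONTROL_WORD)  # sender without the MSK
    other = build_ecm(MSK, 303, CONTROL_WORD)             # authentic, not entitled
    gbam = build_broadcast(MSK, b"constructed broadcast payload")
    altered = dict(gbam, content=b"constructed broadcast payloaD")
    return {"good": se.process_ecm(good),
            "relabelled": se.process_ecm(relabelled),
            "spoofed": se.process_ecm(spoofed),
            "other_service": se.process_ecm(other),
            "broadcast": se.check_broadcast(gbam),
            "broadcast_altered": se.check_broadcast(altered)}
```

The digest is checked before the entitlement lookup, so a message that fails authentication never reaches the authorization logic.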

Implementation of the Conditional Access System in a Digital Broadband Delivery 
System 

The foregoing has described the conditional access system in terms of ECMs, EMMs, and 
other messages and in terms of the manner in which the messages and their digests are 
encrypted and decrypted. The conditional access system as just described will work with 
any communications arrangement which permits an instance of a service to be delivered
to a DHCT together with ECMs and other broadcast messages and which permits the
DHCT to receive EMMs from a conditional access authority and one or more entitlement
agents. The conditional access system is, however, particularly well-suited for use in a
modern digital broadband delivery system, and the following will describe how the
conditional access system is implemented in such a delivery system.

Overview of the Digital Broadband Delivery System: FIG. 5

FIG. 5 provides an overview of digital broadband delivery system (DBDS) 501. DBDS 
501 includes service infrastructure 503, a headend 515, a transport infrastructure 517, 
hubs 519 (0 ... n), access networks 521 (0 ... n), and Digital Home Communications 
Terminals (DHCTs) 333. The service infrastructure consists of Value-Added Service 
Provider (VASP) systems 509, which are systems that provide services to the broadband
delivery system, the Digital Network Control System (DNCS) 507, which manages and 
controls services provided by means of DBDS 501, the Administrative Gateway (AG) 
505, which is a source of service provisioning and authorization information in DBDS 
501, Network Management System (NMS) 511, which maintains a database of system
status and performance information, and the Core Network 513, which interconnects other
Service Infrastructure 503 components with headend 515. In a preferred embodiment,
Core Network 513 consists of ATM-based switching and transmission facilities. Headend
515 provides an interface between service infrastructure 503 and transport infrastructure
517. Transport infrastructure 517 provides a high-bandwidth interconnection from
headend 515 to hubs 519(0..n). Each hub 519(i) serves an access network 521(i), which
consists of hybrid fiber coax (HFC) nodes 523 connected via a coax bus network to
DHCTs 333. A given DHCT 333(k) in DBDS 501 thus belongs to an HFC node 532(j)
in an access network 521(i). Transport infrastructure 517 and access network 523 may
provide only a forward channel from head end 515 to a given DHCT 333(k), but
preferably provide both a forward channel and a reverse path. Each instance of a DBDS
501 generally provides service to a metropolitan area.

DBDS 501 can be implemented in a variety of configurations to fit the circumstances of a
particular service environment. For example, headend equipment may be deployed
within headend 515, within a hub 519(i), or as part of a VASP system 509. DNCS
components 506 may be deployed within headend 515 or distributed among the hubs 519.
Transport infrastructure 51 7 may utilize SONET add/drop multiplexing, analog fiber 
technology, or other transmission technologies. 

Overview of the Conditional Access System: FIG. 6

FIG. 6 shows the components of a preferred embodiment of conditional access system
601 in DBDS 501. Conditional access system 601 is a collection of components of DNCS
507, headend 515, and DHCT 333 that together provide security and conditional access
services.

The components of conditional access system 601 perform the following functions:

1. encrypting the service content

2. encrypting the control words used for service encryption

3. authenticating the ECMs that contain the encrypted control words

4. passing the ECMs to DHCTs

5. managing a subscriber authorization database

6. encrypting and authenticating EMMs containing subscriber entitlement
information

7. passing the EMMs to DHCTs

8. decrypting the EMMs and checking their authenticity at the DHCTs

9. responding to the EMMs by modifying entitlement information in the DHCTs

10. responding to the ECMs by authenticating them, decrypting the control word, and
checking entitlement at DHCT 333, and

11. if the ECM is authentic and the authorizations permit, decrypting the service
content.

These requirements are met by the following components of conditional access system
601:

Stream Encryption & ECM Streamer Modules 620 in head end 515;

Control Suite 607 in DNCS 507;

I. Transaction Encryption Device 605 in head end 515, with secure link to DNCS
507;

II. Service Decryptor Module 625 in DHCT 333;

III. Security Manager Module 626 in DHCT 333; and

IV. DHCTSE 627 in DHCT 333.

FIG. 6 depicts a typical configuration of these components for securing digital services 
within DBDS 501. In the following, the components will be described in more detail. 

Service Encryption & ECM Streamer Module 620 

Service Encryption and ECM Streamer (SEES) module 620 is a component of QAM
Modulator 619 that operates under direction of control suite 607 to encrypt the MPEG-2
transport stream packets that are employed in the preferred embodiment to transmit
service content 325. As shown in FIG. 6, service content 325 may be received from
sources such as a digital satellite distribution system 613, a digital terrestrial distribution
system 611, or a media server 609. Media server 609 may be connected to head end 515
by a broadband integrated gateway 615. SEES 620 uses MSK 309 to generate the control
words 319 used for service encryption and creates ECMs 323 for transporting the control
words together with encrypted service content 329 within the outgoing MPEG-2 ...
MSK ... in EMM-like messages.

DHCT 333

DHCT 333 ... set.
DHCT 333 receives and interprets EMMs, ECMs, and GBAMs and decrypts instances of
services. DHCT 333 further provides the customer interface for DBDS 501 and receives
customer input 628 from the customer. In response to the customer input, DHCT 333
may generate FPMs or other messages that travel via the reverse path to the CAA or to
EAs. In a preferred embodiment, DHCT 333 is implemented using a combination of
general purpose processors, ASICs, and secure elements (which may be implemented
discretely or integrated). For purposes of the present discussion, DHCT 333 has three
important components: service decryption module 625, security manager 626, and DHCT
secure element (DHCTSE) 627. Service decryption module 625 is preferably
implemented in an ASIC, and security manager 626 is preferably implemented in
software. DHCTSE 627 is a secure element for performing security and conditional
access-related functions.

Service Decryptor Module 625

Service decryptor 625 ... MPEG-2 ...
used for service decryption from DHCTSE 627. DHCTSE 627 controls which transport
stream packets are decrypted by only passing the control words for authorized services to
service decryptor 625.

Security Manager 626

Security manager 626 is a software module of the DHCT that provides an interface
... DHCTSE 627.

DHCTSE 627

DHCTSE 627 stores keys, interprets EMMs and ECMs, and produces FPMs. With the
EMMs and ECMs, it does the decryption and authentication required for interpretation
and with FPMs, it makes the sealed digest and encrypts the FPM. Thus, in the preferred
embodiment, EMM manager 407 is implemented in secure element 617. In addition,
DHCTSE 627 provides encryption, decryption, digest, and digital signature services for
other applications executing on DHCT 333. Secure element (DHCTSE) 627 includes a
microprocessor and memory that only the microprocessor may access. Both the memory 
and the microprocessor are contained in tamper-proof packaging. In interpreting EMMs, 
DHCTSE 627 acquires and stores keys and entitlement information; in interpreting 
ECMs, DHCTSE 627 uses the entitlement information to determine whether DHCT 333 
receiving the ECM has an entitlement for the instance of the service which the ECM 
accompanies; if it does, DHCTSE 627 processes the ECM, and provides the control word 
to service decryptor module 625 in a form that it may use to decrypt or descramble 
services. DHCTSE 627 further records purchase information for impulse-purchasable 
services such as IPPV and stores the purchase data securely until the data is successfully 
forwarded via a forwarded purchasing message to control suite 607. DHCTSE 627 
maintains MSK for the EAs, the private/public key pairs for DHCT 333, and the public 
keys of the conditional access authorities and the entitlement agents. 

Control Suite 607 

Control suite 607 is a member of the DNCS family of software. Control suite 607 
controls the encryption of services performed by a SEES module 620 based upon input 
from the DNCS broadcast control suite component. Control Suite 607 also maintains a 
database of subscriber authorizations based upon transactions received from 
Administrative Gateway 511. Control suite 607 generates EMMs for communicating 
subscriber authorizations and other conditional access parameters to the DHCTSE 627. 
Control suite 607 acts on behalf of entitlement agents. The EMMs generated by control 
suite 607 for communicating subscriber authorizations and other conditional access 
parameters to DHCTSE 627 are encrypted with the public keys of the DHCTs 333 to 
which they are directed and are authenticated with the private key of the EA, which is 
maintained by transaction encryption device (TED) 603. DHCTSE 627 maintains the 
public key of the EA and uses it to confirm the authenticity of EMMs generated by
control suite 607 for the EA.

Control Suite 607 further enables the establishment of a conditional access authority
(CAA). Control suite 607 generates EA allocation EMMs 413 which pass the public key
of the EA to a DHCTSE 627. These EMMs 413 are encrypted as described above, but are
authenticated using a digital signature made with the private key of the CAA, which is
maintained by TED 603. DHCTSE 627 is pre-provisioned with the public key of the
CAA for use in confirming the authenticity of these EMMs 413.

Communications between control suite 607 and the rest of conditional access system 601
are by means of LAN interconnect devices 605 and 617. Device 605 connects Control
Suite 607 to Administrative Gateway 505, from which it receives the information
necessary to make ECMs and EMMs, and device 617 connects it to the SEES modules
620 in the QAM modulators and to QPSK modulator 621 and QPSK demodulator 623,
which are in turn connected to HFC network 521. The connection between Control Suite
607 and DHCT 333 via LAN interconnect device 617, modulator 621, demodulator 623,
and HFC network 521 implements the reverse path needed for messages such as FPM 421
and also implements a forward channel to DHCT 333. This forward channel is
independent of the forward channel used to provide the services. In conditional access
system 601, Control Suite 607 can send EMMs or broadcast messages to DHCT 333
either by the forward channel just described or by sending them together with an instance
of a service.



Transaction Encryption Device 603

Transaction Encryption Device (TED) 603 serves as a peripheral to Control Suite 607.
TED 603, under the direction of Control Suite 607, encrypts and makes sealed digests of
various conditional access system messages, including EMMs. TED 603 may also
generate and store (MSKs) which are used by SEES 620 to encrypt the control words in
the ECMs and to decrypt the control words in DHCTSE 627. TED 603 further uses the
MSKs to authenticate the global broadcast message class of conditional access system
messages. Authentication is done by hashing the contents of the message together with
some or all of the MSK. TED 603 decrypts and verifies the authenticity of Forwarded
Purchase Messages 421 sent from the DHCTs 333 as well as other messages sent using
the reverse path. TED 603 maintains the private keys of the CAA and the EA and
receives from the DNCS the public keys of the DHCTs from which it receives messages. 
As will be explained in more detail below, TED 603 receives the public keys from a 
source that confirms the authenticity of each key. TED 603 finally makes a sealed digest 
for the EMMs using the private key of the CAA and EA as appropriate for the EMM. 

Using the Conditional Access System to Support Services and Programs Executing 
in DHCT 333 or Service Infrastructure 507 

The conditional access system can be utilized to secure the provisioning of a service or to 
provide security services to programs executing on DHCT 333 or programs in Control 
Suite 607. Secure service provision does not require that the DHCT programs that 
support the service be secure. The reason for this is that the following may be done only 
by DHCTSE 627 in DHCT 333 or by a TED 603: 

• generation of the MSK; 

• storage of the MSK; 

• storage of the keys needed to encrypt and/or decrypt EMMs and to make and 
check sealed digests;

• storage of the entitlement information received from the EAs; 

• encryption and/or decryption of EMMs; 

• encryption or decryption of the control word; 

• provisioning of the MSK to SEES module 607 and the decrypted control word 
to service decryption module 625; 

• making and checking digests with shared secrets; 

• making and checking sealed digests; 

• confirming that a DHCT 333 is entitled to receive a service. 

A program executing on DHCT 333 or a program in control suite 607 has no access to 
any of the information stored in DHCTSE 627 or TED 603 and can thus do nothing with 
EMMs and ECMs beyond asking DHCTSE 627 or TED 603 to generate or interpret them. 
For example, when DHCT 333 receives an EMM, it simply passes the EMM to DHCTSE 
627 for processing; when it receives an ECM, it does the same; if the authorization 
information contained in the ECM and stored in the DHCTSE 627 indicates that DHCT
333 is entitled to the service, DHCTSE 627 provides the decrypted control word to
service decryption module 625.

The conditional access system can also do security checking for programs generally. For
example, a program executing on DHCT 333 that requires downloaded information from
a server application may expect that a sealed digest was added to the information before it
was downloaded, and the program may use DHCTSE 627 to check the sealed digest and
determine whether the information is authentic, but it is up to the program to decide what
to do with the information when DHCTSE 627 indicates that it is not authentic.

Details of Messages in Conditional Access System 601 

In conditional access system 601, the ECM, the EMM, the FPM, and the GBAM are all
different types of conditional access messages. The conditional access messages all have
a common format, namely a header, the message itself, and a message authentication
code, or MAC. The header contains the following information:

• the type of the message, i.e., whether it is an ECM, EMM, GBAM, or
something else; 

• the length of the message; 

• an identifier for the conditional access system; 

• an identifier for the type of security algorithm used with the message
including encryption of the message and authentication of its contents; and

• the length of the message content.

The header is followed by the encrypted message and the MAC, which, depending on the
message type, may be a sealed digest or a digest made with some or all of the MSK
together with the message.

In digital broadband delivery system 501, CA messages may travel either in a MPEG-2
data stream or in an IP packet, that is, a packet made according to the rules of the Internet
Protocol. Also, other transport protocols such as ATM may be used. In the preferred
embodiment, messages from control suite 607 to DHCT 333 may travel in MPEG-2 or IP
packets; messages from DHCT 333 to control suite 607 travel as IP packets on the reverse
path provided by QPSK demodulator 623 and LAN interconnect device 617. In general,
messages to DHCT 333 which are closely associated with particular instances of services,
such as ECMs and GBAMs, travel in the MPEG-2 data stream; EMMs may travel either
in the MPEG-2 transport stream or as IP packets via LAN interconnect device 617 and
QPSK modulator 621.

CA Messages in the MPEG-2 Transport Stream: FIG. 7

FIG. 7 is a schematic representation of an MPEG-2 transport stream 701. An MPEG-2
transport stream is made up of a sequence of 188-byte long transport packets 703. The
packets 703 in the stream carry information that, when combined at DHCT 333, defines
an instance of a service and the access rights of a given DHCT 333 to the service. There
are two broad categories of information: program 709, which is the information needed to
produce the actual pictures and sound, and program specific information (PSI) 711, which
is information concerning matters such as how the transport stream is to be sent across the
network, how the program 709 is packetized, and what data is used to limit access to the
program 709. Each of these broad categories has a number of subcategories. For 
example, program 709 may include video information and several channels of audio 
information. 

Each transport packet 703 has a packet identifier, or PID, and all of the packets 703 that 
are carrying information for a given subcategory will have the same PID. Thus, in FIG. 7, 
the packets carrying Video 1 all have PID (a), and the packets belonging to that 
subcategory are identified by 705(a). Similarly, the packets carrying Audio 1 all have 
PID (b), and the packets belonging to that category are identified by 705(b). A
subcategory of information can thus be identified by the PID of its packets. As shown at 
output packets 707, the output from mux 704 is a sequence of contiguous individual 
packets from the various subcategories. Any part or all of MPEG-2 transport stream 701 
may be encrypted, except that packet headers and adaptation fields are never encrypted. 
In the preferred embodiment, the sets of packets making up program 709 are encrypted 
according to the DES algorithm, with the control word as a key. 

Two of the subcategories are special: those identified by PID 0 (705(e)) and PID 1
(705(c)) list the PIDs of the other packets associated with the service(s) and thus can be
used to find all of the information associated with any service. The packets in PID 1
705(c) have as their contents a conditional access table 710, which lists the PIDs of other
packets that contain EMMs. One set of such packets appears as EMM packets 705(d), as
indicated by the arrow from CAT 710 to packets 705(d). Each packet 703 in packets
705(d) contains private information, that is, information which is private to conditional
access system 601. As will be explained in more detail below, private information 713,
for the purposes of this invention, is a sequence of CA messages, each of which contains
an EMM, and private information 719 is a sequence of messages, each of which contains
an ECM.

The packets in PID 0 705(e) contain a program association table which lists PIDs of 
packets that are associated with a particular instance of a service. One such set of packets 
is program map packets 705(f), which contain a program map table 717 that lists, 
amongst other things, the PIDs of transport packets 703 containing ECMs for the 
program. One such set of packets is shown at 705(g). Each of the transport packets 
contains private information 719, which in this case is a sequence of CA messages, each 
of which contains an ECM. 
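
The PID 0 / PID 1 lookup described above, as an added Python example that is not part of the patent: it follows the conditional access table to the EMM PIDs and the program association and program map tables to the ECM PIDs, using the standard ISO/IEC 13818-1 section and CA_descriptor layouts. The sample stream, its PID values and the CA_system_ID 0x1234 are constructed for illustration.

```python
import struct

TS_SIZE, SYNC = 188, 0x47
PID_PAT, PID_CAT = 0x0000, 0x0001      # PID 0 and PID 1 in the text
CA_DESCRIPTOR_TAG = 0x09               # CA_descriptor tag, ISO/IEC 13818-1

def crc32_mpeg2(data):
    """CRC-32/MPEG-2: poly 0x04C11DB7, init 0xFFFFFFFF, not reflected."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = ((crc << 1) ^ (0x04C11DB7 if crc & 0x80000000 else 0)) & 0xFFFFFFFF
    return crc

def split_packet(pkt):
    """Parse the never-encrypted header: (pid, scrambling, payload, starts_section)."""
    if len(pkt) != TS_SIZE or pkt[0] != SYNC:
        raise ValueError("not a 188-byte transport packet")
    pid = ((pkt[1] & 0x1F) << 8) | pkt[2]
    scrambling, afc = pkt[3] >> 6, (pkt[3] >> 4) & 0x3
    start = 4 + (1 + pkt[4] if afc & 0x2 else 0)       # skip adaptation field
    payload = pkt[start:] if afc & 0x1 else b""
    return pid, scrambling, payload, bool(pkt[1] & 0x40)

def section_body(payload):
    """Return (table_id, body) of the PSI section starting in this payload."""
    sec = payload[1 + payload[0]:]                     # skip pointer_field
    if len(sec) < 3:
        raise ValueError("truncated PSI section")
    sec = sec[:3 + (((sec[1] & 0x0F) << 8) | sec[2])]  # 3 + section_length
    if len(sec) < 12 or crc32_mpeg2(sec) != 0:         # CRC over a good section is 0
        raise ValueError("truncated or corrupt PSI section")
    return sec[0], sec[8:-4]

def ca_pids(descriptors):
    """Yield (CA_system_ID, CA_PID) for each CA_descriptor in a descriptor loop."""
    i = 0
    while i + 2 <= len(descriptors):
        tag, length = descriptors[i], descriptors[i + 1]
        body = descriptors[i + 2:i + 2 + length]
        if tag == CA_DESCRIPTOR_TAG and len(body) >= 4:
            system_id, pid = struct.unpack(">HH", body[:4])
            yield system_id, pid & 0x1FFF
        i += 2 + length

def find_ca_pids(packets):
    """Follow PID 1 (CAT) to EMM PIDs and PID 0 (PAT) -> PMT to ECM PIDs."""
    emm, ecm, pmt_pids = set(), set(), set()
    for pkt in packets:
        pid, _, payload, starts_section = split_packet(pkt)
        if not (starts_section and payload) or pid not in {PID_PAT, PID_CAT} | pmt_pids:
            continue
        table_id, body = section_body(payload)
        if pid == PID_CAT and table_id == 0x01:
            emm.update(p for _, p in ca_pids(body))
        elif pid == PID_PAT and table_id == 0x00:
            for off in range(0, len(body) - 3, 4):
                program, pmt = struct.unpack(">HH", body[off:off + 4])
                if program != 0:                       # program 0 is the network PID
                    pmt_pids.add(pmt & 0x1FFF)
        elif pid in pmt_pids and table_id == 0x02:
            info_len = struct.unpack(">H", body[2:4])[0] & 0x0FFF
            ecm.update(p for _, p in ca_pids(body[4:4 + info_len]))
            i = 4 + info_len                           # per-stream descriptor loops
            while i + 5 <= len(body):
                es_len = struct.unpack(">H", body[i + 3:i + 5])[0] & 0x0FFF
                ecm.update(p for _, p in ca_pids(body[i + 5:i + 5 + es_len]))
                i += 5 + es_len
    return emm, ecm

def _section(table_id, id_field, body):
    head = struct.pack(">BHHBBB", table_id, 0xB000 | (5 + len(body) + 4),
                       id_field, 0xC1, 0, 0)
    return head + body + struct.pack(">I", crc32_mpeg2(head + body))

def _packet(pid, section):
    header = struct.pack(">BHB", SYNC, 0x4000 | pid, 0x10)   # clear, payload only
    return (header + b"\x00" + section).ljust(TS_SIZE, b"\xff")

def _ca_desc(system_id, pid):
    return struct.pack(">BBHH", CA_DESCRIPTOR_TAG, 4, system_id, 0xE000 | pid)

def sample_stream():
    """Constructed stream: CAT -> EMM PID 0x0064; PAT -> PMT 0x0100 -> ECM PID 0x0065."""
    cat = _section(0x01, 0xFFFF, _ca_desc(0x1234, 0x0064))
    pat = _section(0x00, 0x0001, struct.pack(">HH", 1, 0xE000 | 0x0100))
    pmt_body = (struct.pack(">HH", 0xE000 | 0x0200, 0xF000 | 6) + _ca_desc(0x1234, 0x0065)
                + struct.pack(">BHH", 0x02, 0xE000 | 0x0200, 0xF000))  # one video stream
    pmt = _section(0x02, 0x0001, pmt_body)
    video = struct.pack(">BHB", SYNC, 0x0200, 0x90) + bytes(184)  # scrambled payload
    return [_packet(PID_CAT, cat), _packet(PID_PAT, pat), _packet(0x0100, pmt), video]

if __name__ == "__main__":
    print(find_ca_pids(sample_stream()))
```

Because the packet header is never encrypted, the scrambled video packet in the sample is still routable by PID even though its payload is opaque.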

FIG. 8 shows in detail how EMMs are carried in transport packets 703. The payload 
space 719 in the packets carries data from a CA_PRIVATE_SECTION layer 803, which 
in turn contains a sequence of CA messages 805, each of which contains an EMM 807. 
In the sets of packets 705(g) carrying ECMs, the control words in the ECMs are encrypted 
using the 3DES algorithm with the MSK as key; in the sets of packets 705(d) carrying 
EMMs, the EMMs are encrypted using the public key of DHCT 333 for which they are 
intended. As will be immediately apparent, the techniques just described can be employed 
to transmit any CA message 805 as part of an MPEG-2 transport stream. 

Mapping CA Messages into IP Protocol Packets: FIG. 9 

FIG. 9 shows how EMMs are mapped into the Internet Protocol (IP) packets used to 
communicate between control suite 607 and DHCT 333 via LAN device 617 and QPSK 
modulator 621 and demodulator 623. An IP packet 903 is a variable-length packet that 
consists simply of a header and a payload. The header contains source and destination IP 
addresses for the packet. With an EMM, the source address is the IP address of the CA or 
EA, and the destination address is the IP address of DHCT 333. In the preferred 
embodiment, the IP address of DHCT 333 is constructed using its serial number. The IP 
addresses in DBDS 501 are partitioned by HFC node 523. The payload of the IP packet is 
a packet 905 belonging to the User Datagram Protocol (UDP) which has as its payload a 
CA_PRIVATE_SECTION 803, which in turn contains a sequence of CA messages 805, 
each of which contains an EMM 807. 

ECM Structure Details: FIG. 10 

FIG. 10 shows details of the structure of an ECM 1008 and shows the mapping 1001 from 
an ECM 1008 to a set 705(e) of MPEG-2 transport packets 703. As before, the data of a 
CA_PRIVATE_SECTION 803 is carried in a set of MPEG-2 transport packets 703 with 
the same PID. The data is a header 1003 for private section 803 and a sequence of CA 
messages 805, each of which includes a CA message header 1005, a CA ECM message 
1007, and an ECM MAC 1013. CA ECM message 1007 and ECM MAC 1013 together 
make up ECM 1008. 

FIG. 10 also shows how the control word is protected in ECM 1008 and how ECM MAC 
1013 is produced. The control word is a random value that is either encrypted using 
3DES encryption or created by encrypting a counter value using 3DES encryption, using 
the MSK as the key. In either case, the preferred embodiment calls for an MSK which is 
made up of two 56-bit DES keys, and the 3DES encryption operation is a sequence of 
three DES operations: encryption using the first DES key, decryption using the second 
DES key, and encryption using the first DES key. The control word, too, may have even 
or odd parity. As shown at 1013, the odd control word (after suitable encryption) 
becomes part of ECM_entitlement_unit_message 1011, and, in its non-encrypted form, is 
used together with some or all of the MSK as input to the MD5 one-way hash function to 
produce ECM MAC 1013. The same procedure is used with the even-parity control 
word. The contents other than the control word of ECM_entitlement_unit_message 1011 
will be examined in more detail later. 

EMM Structure Details: FIG. 11 

FIG. 11 shows a CA message 805 which contains an EMM 1112. CA message 805 has a 
header 1003, a CA EMM message 1101, and a sealed digest 1103. CA EMM message 
1101 consists of CA EMM message header 1105, EMM message 1107, and CRC error 
detection code 1109. EMM message 1107 in its turn contains EMM header 1113 and 
[...] the public key of the 
DHCT 333 for which it is intended. The data which is encrypted is EMM data 1129, 
which in turn is made up of EMM_inside_header 1123 and EMM command data 1125 
together with padding 1127. EMM data 1129 is also input to the MD5 one-way hash 
function to produce EMM MAC 1119, and sealed digest 1103 is made by encrypting 
EMM_signing_header 1117, EMM MAC 1119, EMM_signing_header 1117, and padding 
1121 with the private key of either an entitlement agent or a conditional access authority, 
depending on what kind of EMM it is. 

The EMM_signing_header is information from the EMM_inside_header. This 
information is particularly sensitive and is consequently encrypted by both the public key 
of DHCT 333, for privacy reasons, and the private key of the entitlement agent or the 
conditional access authority, to apply a digital signature. Upon reception, and after the 
privacy decryption, if the signature verification fails, the EMM is discarded by DHCT 
333. Included in this information are an ID for the conditional access system, the type of 
the CA message, the serial number of the microprocessor in the DHCT's DHCTSE 627, 
an identifier for the CAA or EA which is the source of the EMM, an indication of which 
of the three public keys for the CAA in DHCT 333's secure element is to be used to 
decrypt the sealed digest, and an indication of the format of the EMM. The contents of 
EMM command data 1125 will be explained in more detail in the discussion of the 
operations performed using EMMs. 

Details of DHCTSE 627: FIGs. 12-14 

DHCTSE 627 has five main functions in conditional access system 601: 

• It securely stores keys including the public and private keys for DHCT 333, 
public keys for the CAA, public keys for EAs from which DHCT 333 is 
authorized to receive services, and MSKs provided by those EAs. 

• It securely stores entitlement information sent by the EAs. 

• It decrypts, authenticates, and responds to EMMs. 

• It decrypts the control words in the ECMs, authenticates the ECMs, and when 
DHCT 333 is authorized to receive the service instance to which the ECM 
belongs, it provides the control word to service decryptor 625. 

• It provides encryption, decryption, and authentication services to applications 
running on DHCT 333. 

DHCTSE 627 includes a microprocessor (capable of performing DES), specialized 
hardware for performing RSA encryption and decryption, and secure memory elements. 
All of the components of DHCTSE 627 are contained in a single tamper-proof package, 
such as a package in which the information contained within is destroyed upon any 
attempt to access it. Only the components of DHCTSE 627 have access to the 
information stored in the secure memory elements. Any attempt by a user to gain access 
to any of the parts of DHCTSE 627 renders DHCTSE 627 unusable and its contents 
unreadable. DHCTSE 627 may be an integral part of DHCT 333 or it may be contained 
in a user-installable module such as a "smart card". The user "personalizes" the DHCT 
333 by installing the module in it. 

FIG. 12 provides an overview of the components of DHCTSE 627. As shown, the 
components of DHCTSE 627 are all connected to a bus 1205. Beginning with interface 
1203 to the general purpose processor upon which applications execute in DHCT 333, 
interface 1203 permits passage of data between the remaining components of DHCT 333 
and DHCTSE 627, but does not permit components in the remainder of DHCT 333 to 
address and read the contents of secret values in memory in DHCTSE 627. 
Microprocessor 1201 executes the code for doing encryption, decryption, and 
authentication and interpreting EMMs and ECMs; RSA hardware 1217 is special 
hardware performing the calculations involved with RSA encryption and decryption. 
Memory 1207 contains the code executed by microprocessor 1201, the keys, and the 
entitlement information. In a preferred embodiment, there are two kinds of physical 
memory in memory 1207: ROM 1219, which is read-only memory whose contents are 
fixed when DHCTSE 627 is manufactured, and non-volatile memory (NVM) 1209, which 
can be read and written like normal random-access memory, but which retains its current 
values when DHCTSE 627 is without power. Non-volatile memory 1209 is organized as 
a set of non-volatile storage cells (NVSCs) 1211(0..n), as described in U.S. Patent 
5,742,677, Pinder, et al., Information Terminal Having Reconfigurable Memory, filed 3 
April 1995. 

As will be explained in greater detail below, code executing in microprocessor 1201 
dynamically allocates NVSCs 1211 to entitlement agents. In the preferred embodiment, 
NVM 1209 is used for the storage of information which can be rewritten by means of 
EMMs, and ROM 1219 is used for code which will not change during the life of 
DHCTSE 627. 



FIG. 13 is a schematic overview of the contents of memory 1207 in DHCTSE 627. The 
memory is divided into two main parts: read-only storage 1301, which contains code and 
other information that does not change as a result of the interpretation of EMMs, and 
NVA storage 1303, which is non-volatile storage that changes as a result of the 
interpretations of EMMs. RO storage 1301 contains code 1305. 

Code 1305 falls into four categories: code 1307 for the encryption, decryption, and 
authentication operations performed by DHCTSE 627, code for interpreting EMMs 1313, 
code for interpreting ECMs 1321, and code for handling other CA messages such as the 
FPM and the GBAM. Code 1307 includes code 1308 for the MD5 one-way hash 
algorithm, the code 1309 for the RSA public key algorithm, and the code 1311 for the 
3DES algorithm. EMM code 1313 falls into three classes: code 1315 which interprets 
EMMs received from a conditional access authority, code 1317 which interprets EMMs 
employed by the entitlement agents to configure the storage allocation they receive from 
the CAA, and code 1319 which interprets EMMs containing MSKs and entitlements. 
Code 1315, 1317 and 1319 thus implements EMM manager 407 in a preferred 
embodiment. The code for interpreting ECMs 1321 decrypts the control word contained 
in the ECM and checks whether DHCT 333 is permitted to access the instance of the 
service that the ECM accompanies; if so, the code provides the decrypted control word to 
service decryption module 625. The code for other CA messages 1323 deals with 
messages such as the FPM and GBAM. 

NVA storage 1303 has two main components: administrative storage 1330 and EA 
storage 1331. Administrative storage 1330 contains DHCT keys 1325, CAA keys 1329, 
and CAA data 1330. Beginning with DHCT keys 1325, each DHCT 333 has two 
public-private key pairs. The public key of one of the pairs serves as the public key used to 
encrypt EMMs sent to DHCT 333, and the private key is used in DHCT 333 to decrypt 
the messages; the private key of the other of the pairs is used to encrypt the sealed digests 
of messages sent by DHCT 333, and the public key is used by other network elements to 
decrypt the sealed digests of messages received from DHCT 333. The pairs of keys are 
installed in DHCTSE 627 when DHCTSE 627 is manufactured. 

In a preferred embodiment, the manufacturer of DHCT 333 maintains a certified database 
which has the serial number of each DHCT together with the pair of public keys 
belonging to it. When a CAA or EA wishes to begin sending EMMs to a DHCT 333, it 
sends a message to control suite 607 with the serial number of the DHCT. Control suite 
607 responds to the request by requesting the public key for the DHCT from a database 
maintained by the manufacturer of DHCT 333. The database responds to the message by 
sending control suite 607 certified copies of the public keys for the DHCT. The 
manufacturer thus functions as the certification authority for the keys. Control suite 607 
stores the public keys in a database of its own. For details on key certification, see 
Schneier, supra, pages 425-428. Getting the public keys for the DHCT from the 
manufacturer has two advantages: first, it solves the problem of certifying the keys; 
second, because the public keys come from the manufacturer and not from DHCT 333, 
there is no requirement in conditional access system 601 that DHCT 333 have a reverse 
path to control suite 607. 

types of NVSCs for that entitlement agent. EA administrative code 1317 checks when it 
is interpreting EMMs from an entitlement agent to ensure that the entitlement agent does 
not use more NVSCs of each type than those allocated to it. 

When DHCTSE 627 controls NVA storage 1303, the operator of the CAA negotiates with 
each of the service providers and agrees on the allocation of storage needed for the 
services provided. The CAA then sends an encrypted message to the entitlement agent. 
The encrypted message contains the allocation based on data types, and the entitlement 
agent prevents the service provider from asking for more resources than were negotiated. 
If DHCTSE 627 nevertheless receives requests for storage area above what is available in 
NVA 1303, it indicates to the user of DHCT 333 via the user interface that no more 
storage is available and requests the user to either remove some service provider resources 
or to rescind the request. 

Details of Operations Specified by EMMs 

In the following, examples of operations specified by EMMs will be given, beginning 
with changing a CAA public key, continuing through establishing an EA in DHCTSE 
627, and ending with providing entitlement information for broadcasts, events, and 
interactive services. In the preferred embodiment, a single CAA controls the allocation of 
EA storage 1331 to entitlement agents. In other embodiments, there may be more than 
one CAA. There are two kinds of entitlement information: that for broadcast services and 
that for interactive services. Storage for broadcast entitlements is more permanent than 
that for interactive entitlements. 

The amount of memory 1207 in DHCTSE 627 is limited. The CAA manages this scarce 
resource and allocates it to the entitlement agents from which DHCT 333 receives 
services. Different EAs may have different amounts of storage area allocated, depending 
on their needs. Once an EA has received an allocation from the CAA, the EA may 
configure the storage area within limits defined by the CAA. Different EAs may have 
different limits and different types of limits. At one extreme, the CAA only restricts the 
total number of NVSCs 1211 that an EA may have in its EA information 1333. The CAA 
may impose tighter restrictions by limiting the types of NVSCs 1211 and/or the number 
of each type. In this way, the CAA can prevent the EA from offering specific kinds of 
services and can limit the amount of such services offered, i.e., the amount of time that 
such services are offered. 

When a CAA allocates fat and skinny NVSCs 1211 for an EA, it gives each allocated 
NVSC 1211 a "name", i.e., each NVSC 1211 has an identifier, such as an 8-bit identifier, 
that the CAA associates with the EA for which it has allocated the NVSCs 1211. The 
CAA and the EA use the name for the NVSC 1211 to refer to it in EMMs that manipulate 
the NVSC. An NVSC's name need not have anything to do with its physical location in 
NVM 1209. Since the name space is 8 bits wide, the names are assigned using a 256-bit 
map. If an entitlement agent has the name of an NVSC, it may make the NVSC into any 
type of NVSC as long as the type is one that is permitted for the EA and as long as the 
total number of NVSCs of the type belonging to the EA does not exceed the limit set by 
the CAA that authorized the EA. 

Once the CAA has allocated the EA storage area in the DHCTSE, it is up to the EA to 
configure the storage area. The first step is to load certain parameters such as a PIN into a 
descriptor for the EA. The second step is to determine which types of NVSCs are to be 
used for the protected services to be offered. The names allocated by the CAA are then 
distributed among the various types of NVSCs. Lastly, each NVSC is loaded by sending 
the appropriate EMM. 

Addressing EMMs 

In the conditional access layer, EMMs are addressed to a specific DHCTSE 627, indexed 
by CAA or EA. This indexing is taken care of in EMM header 1113, which includes a 
unique identifier for the CAA or EA that is the source of the EMM, and that therefore is 
associated with the private key used to make the EMM's sealed digest. The EMM header 
also includes the serial number for DHCTSE 627. The DHCTSE 627 responds only to 
those EMMs that include its serial number. When a CAA is the source of the EMM, there 
is also a value in the header indicating which of the CAA public keys is the public key for 
the source of the message. Conditional access messages may be transported in other data 
protocols, which may include other addressing mechanisms. 

DHCTSE 627 ignores EMMs that are addressed to a CAA or EA that is not "known" by 
DHCTSE 627 (i.e., EMMs for which there is no CAA corresponding to the CAAID or EA 
that corresponds to the EAID). As will be explained in more detail below, information 
about individual entitlements is contained in NVSCs 1211 for the entitlements. Each of 
these NVSCs has a type, and an EA may change the type or contents of an NVSC 1211 
by sending an EMM which specifies the name of the NVSC 1211 to be altered. DHCTSE 
627 will alter the NVSC 1211 as indicated in the EMM unless the entitlement agent does 
not have an NVSC with that name or the change violates a constraint set by the CAA. In 
those cases, the EMM is ignored by DHCTSE 627. Conditional access system 601 does 
not require that digital broadband delivery system 501 have a reverse path, or, if one 
exists, that any bandwidth on the reverse path be available to the EMM conditional access 
function. Consequently, DHCT 333 does not return any acknowledgment, confirmation, 
or error messages in response to an EMM. Therefore, the CAA or EA that is the source 
of an EMM should track the allocations of NVSCs 1211 and send only EMMs that 
request legal operations. In other embodiments, a reverse path may be required, and for 
these embodiments, the reverse path can be used for acknowledgment or error messages. 

Changing a CAA 

As previously indicated, a CAA is represented in DHCTSE 627 by its public key. Three 
public keys for the CAA are installed in DHCTSE 627 when it is manufactured. A need 
may occasionally arise to change the CAA of DHCTSE 627. One circumstance under 
which such a need would arise would be if the private key for the CAA had been 
compromised; another would be if a new entity has taken over the function of authorizing 
entitlement agents. That might happen, for example, as a consequence of the sale of all or 
part of a DBDS 501. 



Any one of the public keys for a CAA can be replaced by means of a sequence of two 
EMMs, the first of which has a sealed digest encrypted with the private key 
corresponding to a first one of the other two public keys, and the second of which has a 
sealed digest encrypted with the private key corresponding to the second one of the other 
two private keys. Each of the two EMMs contains an identifier, the CAAID for the new 
CAA, a key select value indicating which of the three CAA public keys is to be replaced 
[...] 
by DHCTSE 627 by verifying the digital signature applied by the first CAA key, 
DHCTSE 627 computes a MD5 hash of the new CAA public key in this first EMM and 
stores it. After the second EMM is successfully authenticated by the DHCTSE by 
verifying the digital signature applied by the second CAA key, the DHCTSE computes a 
MD5 hash of the new CAA public key included in this second EMM. This second hash is 
compared with the first. If the hashes are identical, the new CAA public key and CAAID 
are substituted for the public key and CAAID of the CAA specified by the key select 
value. A single CAA public key must not be changed twice without one of the other two 
CAA public keys being changed in between. 
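
The two-EMM key replacement described above, as an added Python sketch that is not the patent's code: a CAA key slot is replaced only when two EMMs, sealed by the two other CAA keys, carry the same new key. It assumes textbook RSA over constructed Mersenne-prime moduli (no padding, illustration only), a made-up message encoding, a constructed CAAID of 99, and that an out-of-sequence EMM simply restarts the sequence.

```python
import hashlib

def M(k):
    return (1 << k) - 1                  # Mersenne primes as constructed toy primes

def toy_keypair(p, q, e=65537):
    """Textbook RSA from two primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def md5_int(data):
    return int.from_bytes(hashlib.md5(data).digest(), "big")

def seal(private_key, data):
    """Sealed digest: MD5 of the message encrypted with the sender's private key."""
    n, d = private_key
    return pow(md5_int(data), d, n)

def seal_ok(public_key, data, sealed):
    n, e = public_key
    return pow(sealed, e, n) == md5_int(data)

def encode_key(public_key):
    return b"%x:%x" % public_key         # assumed encoding of the new public key

def emm_body(caaid, key_select, new_key):
    return b"replace-caa|%d|%d|" % (caaid, key_select) + encode_key(new_key)

class CaaKeySlots:
    """The three CAA public keys held in the secure element."""

    def __init__(self, slots):
        self.slots = list(slots)         # three (CAAID, public key) pairs
        self.pending = None              # (key_select, signer_slot, MD5 of new key)

    def handle(self, signer_slot, caaid, key_select, new_key, sealed):
        """Process one key-replacement EMM; True only when the slot is replaced."""
        if (signer_slot not in range(3) or key_select not in range(3)
                or signer_slot == key_select):
            return False                 # must be sealed by one of the other two keys
        body = emm_body(caaid, key_select, new_key)
        if not seal_ok(self.slots[signer_slot][1], body, sealed):
            return False                 # sealed digest does not verify: discard
        digest = hashlib.md5(encode_key(new_key)).digest()
        first = self.pending
        if first is None or first[0] != key_select or first[1] == signer_slot:
            self.pending = (key_select, signer_slot, digest)   # store first hash
            return False
        self.pending = None
        if first[2] != digest:
            return False                 # the two EMMs disagree on the new key
        self.slots[key_select] = (caaid, new_key)
        return True

def demo():
    """Constructed scenario: replace the key in slot 0 with a key for CAAID 99."""
    keys = [toy_keypair(M(61), M(89)), toy_keypair(M(107), M(127)),
            toy_keypair(M(521), M(607))]
    new_pub = toy_keypair(M(1279), M(2203))[0]
    other_pub = toy_keypair(M(89), M(127))[0]

    def fresh():
        return CaaKeySlots([(i + 1, pub) for i, (pub, _) in enumerate(keys)])

    def emm(signer, key):
        return signer, 99, 0, key, seal(keys[signer][1], emm_body(99, 0, key))

    out = {}
    se = fresh()
    out["self_signed"] = se.handle(*emm(0, new_pub))
    out["one_key_twice"] = [se.handle(*emm(1, new_pub)), se.handle(*emm(1, new_pub))]
    se = fresh()
    out["mismatch"] = [se.handle(*emm(1, new_pub)), se.handle(*emm(2, other_pub))]
    se = fresh()
    out["valid"] = [se.handle(*emm(1, new_pub)), se.handle(*emm(2, new_pub))]
    out["slot0_replaced"] = se.slots[0] == (99, new_pub)
    return out

if __name__ == "__main__":
    print(demo())
```

The `one_key_twice` case shows the point of the design: possession of a single CAA private key is not enough to install a new CAA key.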

Dynamically Adding and Removing Entitlement Agents in DHCTSE 627: FIG. 15 

When a CAA authorizes a DHCT 333 to receive services from an entitlement agent, it 
does so by sending a sequence of EMMs that create an entitlement agent descriptor EAD 
1409 for the new entitlement agent. FIG. 15 shows a detailed view of an EAD 1409(i) as 
created by the CAA EMMs. Header 1502 is common to all NVSCs 1211. Cell status 
1501 indicates whether the NVSC 1211 is allocated. Cell type 1503 indicates what kind 
of data it contains; with an EAD 1409, cell type 1503 indicates that the cell is a "fat" 
NVSC. Cell name 1505 is the 8-bit name that the CAA gives the cell when it allocates it. 
The names are per-EA. That is, the EA information 1333 for an EA may include up to 
255 NVSCs. Next element 1507 is a pointer to the next element in the list to which the 
NVSC belongs. Thus, in an unallocated NVSC, it is a pointer to the next NVSC in free 
list 1407; in an EAD 1409, it is a pointer to the next element in EAD list 1406, and in a 
skinny NVSC that is part of a list 1411, it is the next skinny NVSC in that list. Next 
element 1507 is set in response to whatever EMM causes the list to be manipulated. 

The remaining fields are particular to EADs 1409. The fields labeled 1506 in FIG. 15 are 
all set by EMMs from the CAA. EAID 1509 is an identifier for the entitlement agent to 
which EAD 1409 belongs; in the preferred embodiment, EAID 1509 is used to locate 
EAD 1409 for a given entitlement agent. CAA flags 1511 are a set of flags that indicate 
(1) the classes of service to which the entitlement agent can grant access and (2) whether 
the public key for the entitlement agent is installed in EAD 1409. First skinny NVSC 
1513 is a pointer to skinny NVSC list 1411 belonging to EA information 1333 to which 
EAD 1409 belongs. EA maximums 1515 define the maximum amounts of services for 
the EA to which EA information 1333 belongs. The last field 1506 set by the CAA is EA 
public key 1527, which is the public key for the EA to which EA information 1333 
belongs. 

The fields in EA fields 1516 contain information that is associated with the customer to 
whom DHCT 333 belongs. The fields are set by an EMM received from the EA after 
EAD 1409 has been allocated and fields 1506 have been set. DHCT flags 1517 include 
flags indicative of the services provided by the EA that this specific DHCT 333 is 
presently entitled to receive. Stored credit limit field 1519 is used with instances of 
impulse services, i.e., instances of services that need not be purchased in advance. Stored 
credit limit field 1519 indicates the maximum amount of a service that an interactive 
customer can use without authorization from the EA. As will be explained in detail 
below, authorization is obtained by sending an FPM to the EA and receiving a confirming 
EMM from the EA. X coordinate 1521 and Y coordinate 1523 define a location of 
DHCT 333 in a coordinate system (to be explained more fully later) established by the 
entitlement agent. The coordinate system may be geographic and may, for example, be 
used to determine whether the DHCT 333 is in an area which is to be blacked out in a 
broadcast. The coordinate system may also be used generally to define subsets of an 
EA's customers. For instance, the X coordinate and Y coordinate could be used to define 
customers who do not wish to receive movies that have ratings other than G or PG-13. 
The PIN is a multi-character code that the customer for the DHCT uses to identify himself 
or herself to the entitlement agent. 

The EMMs that the CAA sends to set up EA information 1333 for an EA are the following: 

• Set EA Allocation Name Map 

• Set EA Maximum Allocations 

• Update Entitlement Agent Public Key 

EMM header 1113 in all of these EMMs contains [...] EMMs have a sealed digest that 
has been [...] the [...] CAA may use these EMMs not only [...] already existing EA 
information 1333 for an [...] EA. When the latter has been done, DHCTSE [...] to 
EMMs or ECMs from the entitlement agent. 

Set EA Allocation Name Map 

The Set EA Allocation Name Map EMM [...] corresponding to [...] NVSC's name is 
set. CAA EMM code [...] responds to this EMM by allocating the NVSCs required for EA 
information [...] EAID to the physical location of NVSCs [...] setting next element 
pointer 1507 accordingly, and [...] header fields 1502 and EAID field 1509. 

CAA EMM code 1315 stores the [...] 1330 and [...] can compare [...] received Set EA 
Allocation Name Map EMM with [...] name [...] allocation name map [...] and does not 
[...] specifies a name [...] 
the NVSC 1211 corresponding to that name is returned to free list 1407. After this is 
done, the name map in the EMM becomes the current name map. 

Typically, an entitlement agent and a conditional access authority will cooperate in 
determining how large list 1411 should be. For example, if an entitlement agent needs 
less space, it will send a message to that effect to the CAA, the message will contain the 
names of the NVSCs 1211 that the entitlement agent wishes to have removed, and the 
name map in the EMM sent by the CAA will specify only the names of the NVSCs 1211 
that the entitlement agent wishes to keep. It may, however, happen that the entitlement 
agent is not cooperative or that the conditional access authority must reduce the size of 
list 1411 for the entitlement agent before it receives a message from the entitlement agent. 
In that case, the CAA may remove NVSCs 1211 from list 1411 by the value of the name, 
beginning with the name with the highest numeric value, continuing with the next highest, 
and so on, until the required number of NVSCs 1211 have been removed. 

The CAA can also use the Set EA Allocation Name Map EMM to remove EA 
information for an EA from DHCTSE 627. When the EMM is used in this fashion, none 
of the bits in the name map are set. CAA EMM code 1315 responds by returning all of 
the NVSCs in the EA information 1333 and EA Descriptor 1409(i) for the EA identified 
by the EAID in the EMM to free list 1407 and re-linking EA list 1406 as required. 

Set EA Maximum Allocations 

The Set EA Maximum Allocations EMM contains the EAID for the EA having the 
entitlement information 1333 that is being created or modified and also contains values 
for fields 1511 and 1515 of EAD 1409. CAA EMM code 1315 responds to this EMM by 
reading down EA list 1406 until it finds EA descriptor 1409 with the EAID specified in 
the EMM and then setting fields 1511 and 1515 of EAD 1409 using the values in the 
EMM. When an entitlement agent sends an EMM to DHCTSE 627 that establishes 
entitlement information of a certain type, for example, for an event, the code that 
interprets the EMM checks the EA maximum allocations to determine whether the 
maximum number of entitlements for that EA has been exceeded. In the preferred 
embodiment, entitlements are represented by NVSCs. Consequently, what is limited is 
the number of NVSCs of a given type in list 1411. 
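
The storage rules set by the Set EA Allocation Name Map and Set EA Maximum Allocations EMMs, as an added Python model that is not the patent's code: the CAA hands out named cells from a shared free list and sets per-type limits, and an EA write is ignored unless it names a cell the EA holds and stays within those limits. The cell-type strings, the EAID 0x2A, leaving names present in both old and new maps untouched, rejecting a map that needs more cells than are free, and the boolean return values (used here only to observe the outcome, since the DHCT sends no acknowledgment) are assumptions of this sketch.

```python
from dataclasses import dataclass, field

NAME_BITS = 256                          # 8-bit names, assigned with a 256-bit map

@dataclass
class Nvsc:
    cell_type: str = "unused"            # allocated to the EA, not yet configured
    content: bytes = b""

@dataclass
class EaDescriptor:                      # models EAD 1409
    cells: dict = field(default_factory=dict)      # name -> Nvsc (list 1411)
    maximums: dict = field(default_factory=dict)   # cell type -> limit (1515)

class SecureElement:
    def __init__(self, free_cells):
        self.free_cells = free_cells     # length of free list 1407
        self.eas = {}                    # EAID -> EaDescriptor (EA list 1406)

    def set_ea_allocation_name_map(self, eaid, name_map):
        """CAA EMM: make the EA's allocated names equal the bits set in name_map."""
        if not 0 <= name_map < 1 << NAME_BITS:
            return False
        wanted = {n for n in range(NAME_BITS) if name_map >> n & 1}
        ead = self.eas.get(eaid)
        if not wanted:                   # no bits set: remove the EA entirely
            if ead is not None:
                self.free_cells += len(ead.cells) + 1   # its cells plus the EAD cell
                del self.eas[eaid]
            return True
        current = set(ead.cells) if ead else set()
        needed = len(wanted - current) + (0 if ead else 1) - len(current - wanted)
        if needed > self.free_cells:
            return False                 # not enough storage: nothing changes
        if ead is None:
            ead = self.eas[eaid] = EaDescriptor()
        for name in current - wanted:    # dropped names return to the free list
            del ead.cells[name]
        for name in wanted - current:
            ead.cells[name] = Nvsc()
        self.free_cells -= needed
        return True

    def set_ea_maximum_allocations(self, eaid, maximums):
        """CAA EMM: per-type limits; a type with no entry is not permitted."""
        ead = self.eas.get(eaid)
        if ead is None:
            return False
        ead.maximums = dict(maximums)
        return True

    def ea_write_nvsc(self, eaid, name, cell_type, content):
        """EA EMM: retype or rewrite a named cell; ignored if it breaks a rule."""
        ead = self.eas.get(eaid)
        if ead is None or name not in ead.cells:
            return False                 # unknown EA, or name not held by this EA
        in_use = sum(1 for n, c in ead.cells.items()
                     if c.cell_type == cell_type and n != name)
        if in_use + 1 > ead.maximums.get(cell_type, 0):
            return False                 # type not permitted or limit reached
        ead.cells[name] = Nvsc(cell_type, content)
        return True

def shrink_name_map(name_map, remove_count):
    """CAA-side helper: drop names starting with the highest numeric value."""
    for name in reversed(range(NAME_BITS)):
        if remove_count == 0:
            break
        if name_map >> name & 1:
            name_map &= ~(1 << name)
            remove_count -= 1
    return name_map

if __name__ == "__main__":
    se = SecureElement(free_cells=8)     # constructed sizes and identifiers
    se.set_ea_allocation_name_map(0x2A, 0b1110)
    se.set_ea_maximum_allocations(0x2A, {"msk": 1, "event": 2})
    print(se.ea_write_nvsc(0x2A, 1, "msk", b"k1"),      # accepted
          se.ea_write_nvsc(0x2A, 2, "msk", b"k2"))      # ignored: over the limit
```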

Update Entitlement Agent Public Key 

The Update Entitlement Agent Public Key EMM contains the EAID for the EA having the 
entitlement information that is being [...] 

CAA EMM code 1315 responds to this EMM by locating EA descriptor 1409 as 
described above and setting field 1527 from the public key in the EMM. With the EA's 
[...] EMMs to verify 
that they are from the EA. This verification is possible since the EA uses the private key 
corresponding to the updated public key to perform the signing operation. 

EA EMMs that Modify Entitlement Information 1333 

[...] EMMs fall into two groups: EMMs that modify EA 
fields 1516 of EAD 1409 and EMMs that modify contents of the NVSCs making up list 
1411 [...] 
[...] has a type. An NVSC is named by the CAA, as described above, and its name 
cannot be changed by the entitlement agent. The entitlement agent can, however, change 
[...] EAD 1409 for the EA. It is up to the entitlement agent to keep track of the types and 
contents of the NVSCs in EA information 1333. 

The EMM that modifies EA fields 1516 of EAD 1409 is the Update Entitlement Agent 
Properties EMM. The second group of EMMs is further subdivided according to the 
kinds of entitlements they provide. There are two broad families of entitlements: 
broadcast entitlements for non-interactive services and interactive entitlements for 
interactive sessions. Within the broadcast entitlements, there are further event 
entitlements for events that the user pays for individually, as is the case with pay-per-view 
events, interactive pay-per-view events, and near video-on-demand events. The 
non-event broadcast EMMs include: 

• Update MSK 

• Update Digital Bit Map 

• Update Digital List 

• Update Analog MSK and Bit Map 

• Update Analog MSK and List 

• Update Analog Bit Map 

• Update Analog List 

The broadcast EMMs for events include: 

• New Event Storage 

• Add/Remove PPV Event 

• Acknowledge IPPV/NVOD Event 

The EMMs for interactive sessions include: 

• New Interactive Session Storage 

• Add Interactive Session 

• Remove Interactive Session 

As can be seen from the names of the EMMs, the EA can change the type of the named 
NVSCs allocated by the CAA as needed for events and interactive sessions, subject only 
to the maximums specified in EAD 1409. 

There are separate CAA EMMs for allocating NVSCs, setting limits on types of NVSCs, 
and assigning a public key to an entitlement agent. Also, the EA EMMs for writing 
NVSCs 1211 do so by name and can change the NVSC 1211 type as well as its content. 
Therefore, access control system 601 has a high degree of control and flexibility. A CAA 
may dynamically constrain the total number of entitlements that an entitlement agent may 
give, the types of entitlements, and the number of entitlements of each kind as required. 
The CAA may also change the constraints either in part or as a whole, and can do so 
either in cooperation with the entitlement agent or unilaterally. Within the constraints 
imposed by the CAA, however, the entitlement agent is free to dynamically manage its 
own entitlements, changing not only entitlements of a given type, but even changing the 
types themselves. 

Update Entitlement Agent Properties 

This EMM contains the values for EA fields 1516 of EAD 1409. EA administration 
EMM code 1317 reads EMM header 1113 to get the EAID for the EA to which the EMM 
is directed and simply sets fields 1516 in EAD 1409 for the EA from the EMM. 

Non-Event Broadcast EMMs 

Of the non-event broadcast EMMs, four types will be discussed here. These are Update 
MSK, Update Bit Map, Update List, and update combinations with MSK and list or 
bitmap. Those skilled in the art will be able to easily apply the principles explained 
below to EMMs that perform the functions indicated by the names of the other non-event 
broadcast EMMs. For example, the principles of digital EMMs can be applied to analog 
EMMs. There is a separate type of NVSC 1405 for each information type provided by 
the above non-event broadcast EMMs. FIG. 16 shows the contents of four of these types 
of NVSCs. Each NVSC type will be discussed together with the EMM that provides the 
information it contains. 

Update MSK 

The Update MSK EMM is used to send a new MSK for a set of services provided by the 
EA specified by the EMM. The new MSK and other information associated with the 
MSK are stored in MSK NVSC 1601 in list 1411 for EA information 1333 belonging to 
the EA specified by the EMM. Included in MSK NVSC 1601 is header 1502. Header 
1502 specifies that NVSC 1601 is a MSK NVSC, gives the NVSC's name, and contains 
next element pointer 1507 to the next element in list 1411. The other fields contain 
information about the MSK. In the preferred embodiment, MSK 1608 has two 128-bit 
parts: the even MSK 1609 and the odd MSK 1611. Each part has two halves, i.e., a first 
half and second half, each of which has 56 key bits and 8 unused parity bits. The MSK 
1608 is associated with a pair identifier 1603 for MSK 1608, an expiration date 1605 for 
MSK 1608, and a flag 1607 indicating whether the value of expiration date 1605 should 
be ignored. If the expiration date 1605 is not to be ignored, DHCTSE 627 will not use 
MSK 1608 to decrypt a control word after the expiration date. The identifier 1603 is 
per-EA, and consequently, a given EA may have one or more MSK NVSCs 1601 at any 
given time to store a plurality of different MSKs. Thus, conditional access system 601 not 
only permits separate security partitions for each EA, but also permits security partitions 
within an EA. 

The Update MSK EMM header contains the EAID needed to locate EA information 1333 
for the EA; the message contains the name of the NVSC that is to receive the MSK, a 
MSK pair selector which specifies a MSK pair ID for the MSK to be updated, a set of 
flags permitting the EA to selectively change MSK pair ID 1603, expiration date 1605, no 
expiration date 1607 and either half of MSK 1608, and the information needed to make 
the changes. At a maximum, the EMM contains a value for MSK pair ID 1603, a value 
for expiration date 1605, a value for no expiration date 1607, and values for even MSK 
1609 and odd MSK 1611. EA MSK code 1319 processes the Update MSK EMM by 
locating EA Information 1333 for the EA identified by the EMM header's EAID, using 
the cell name to locate the proper NVSC, giving that NVSC the MSK type, and then 
writing to the MSK NVSC 1601 as required by the flags and the information in the EMM. 
This procedure is the same for both analog and digital Update MSK EMMs. The 
differences are in the EMM command code in EMM Header 1123 and NVSC type 1503. 

Entitlement Identifiers 

As will be explained in more detail below, an ECM specifies the service instance that it 
accompanies by means of (1) the EAID for the entitlement agent that is the source of the 
ECM and (2) a 32-bit entitlement ID for the instance. Entitlement IDs are per-EA. By 
making the entitlement IDs 32 bits long, each EA will have enough entitlement IDs even 
for transient services such as pay-per-view events and interactive services. In the 
preferred embodiment, when DHCTSE 627 interprets an ECM, it checks whether DHCT 
333 is entitled to decrypt the instance by looking in EA information 1333 for the EA 
specified in the ECM for an entitlement ID that corresponds to the entitlement ID 
specified in the ECM. The entitlement IDs in the EMM and in EA information 1333 can 
be represented in at least two ways. One way is by simply listing entitlement IDs. The 
drawback with this technique is that the 32-bit entitlement IDs are large, and NVSCs are a 
scarce resource. The other way is by means of a starting entitlement ID value and a bit 
map. Any entitlement ID having a value within 255 of the entitlement ID value specified 
by the starting entitlement ID value can be specified by setting a bit in the bit map. This 
technique is set forth in the Banker and Akins patent application. See particularly 
FIG. 2 of the Banker and Akins patent application and the discussion of that figure. The 
following discussion of specifying entitlement IDs by means of a starting ID and a bit 
map is an expansion of the discussion in that patent application. 

Update Bit Map EMM 

This EMM updates a bit map that specifies one or more entitlement IDs. The bit map is 
stored in an entitlement bit map NVSC 1613. NVSC 1613 has a header 1502 with the 
cell number and type of the NVSC; a first entitlement ID 1615, which is the first 
entitlement ID which may be specified by the bit map; an expiration date 1617 which 
specifies when the entitlement IDs specified by first entitlement ID 1615 and the bit map 
expire; a no expiration date flag 1619, which indicates whether there is in fact an 
expiration date; and bit map 1621. The update bitmap EMM contains the cell name for 
the NVSC 1613 to be set, a set of flags which indicate the information in NVSC 1613 that 
is to be set by the EMM, and the values for the information. The EMM may set any or all 
of first entitlement ID 1615, expiration date 1617, no expiration date 1619, and bit map 
1621. EA administrative EMM code 1317 responds to the EMM by setting the fields of 
the specified NVSC 1613 as indicated in the EMM. This procedure is the same for both 
Update Digital Bit Map and Update Analog Bit Map EMMs. The differences are in the 
EMM command code in EMM Header 1123 and NVSC type 1503. 

Update List EMM 

The Update List EMM updates a list of entitlement IDs that is contained in an entitlement 
list NVSC 1623. NVSC 1623 has a header 1502 with the cell name and type for the 
NVSC and contains up to six entitlement ID elements 1625. Each of the elements 
contains an entitlement ID 1627, an expiration date 1629 for the entitlement ID, and a flag 
1631 indicating whether the entitlement ID has an expiration date. The update list EMM 
contains the cell name for the NVSC, a value for the flag, an expiration date, and values 
for up to six entitlement ID elements 1625. This procedure is the same for both Update 
Digital List and Update Analog List EMMs. The differences are in the EMM command 
code in EMM Header 1123 and NVSC type 1503. 

Broadcast Events 

A broadcast event is a one-time service, such as a pay-per-view broadcast of a boxing 
match. In the preferred embodiment, there are two kinds of broadcast events: ordinary 
pay-per-view broadcast events, in which the customer has ordered in advance to see the 
event, and impulse events where the customer decides at the time the event is broadcast 
that he wants to order it. There are different kinds of impulse events, such as: impulse 
pay-per-view (IPPV) events, which are pay-per-view events where the customer can 
decide at the time of the event to purchase it, and near video-on-demand (NVOD), where 
popular movies are rebroadcast at short intervals and the customer can decide when the 
rebroadcast occurs whether he or she wants to view it. Those skilled in the art will realize 
that the concept of an "event" can refer to any service over a specific time period (whether 
broadcast or non-broadcast), such as video on demand events or other types of events not 
listed here. 

In the case of pay-per-view events, the customer orders the event from the entitlement 
agent, and the agent responds by sending an EMM that contains the necessary entitlement 
information. In the case of events where the customer decides at broadcast time that he or 
she wants to purchase the event, purchase information, i.e., information about the 
entitlements that can be purchased, must be distributed with the event. In these cases, the 
purchase information is distributed by means of global broadcast authenticated messages, 
or GBAMs. The customer provides input 628 that specifies a purchase. The DHCT 333 
responds to the input 628 by storing the record of purchase in the DHCTSE 627 and then 
beginning to decrypt the event. Later, the DHCT 333 sends the entitlement agent a 
forwarded purchase message (FPM) indicating what has been purchased by the customer, 
and the entitlement authority responds with an EMM that confirms the purchase and 
contains the necessary entitlement information. The record of the purchase remains until 
an EMM confirming the purchase is received by the DHCTSE 627. 

Event NVSCs: FIG. 17 

FIG. 17 shows event NVSC 1701 used to store entitlement information for events. 
Header field 1502 is similar to that for other NVSCs 1701. Each event NVSC 1702 may 
contain up to three event descriptors 1703, each of which describes a single event. Each 
event descriptor 1703 contains a Flags Field 1705 that includes flags to indicate (1) 
whether the event is active, (2) whether its end time has been extended, (3) whether the 
entitlement agent has confirmed purchase of the event, (4) whether the customer can 
cancel at any time, (5) whether the customer can cancel in a cancellation window, (6) 
whether the customer has canceled the purchase, (7) whether the right to copy the event 
has been purchased, and (8) whether the event is an analog or digital service. Purchase 
time 1709 is the later of the start time for the event or the time the customer purchased the 
event. End time 1709 is the time the event is to end. Cost 1711 is the cost of the event to 
the customer, and entitlement ID 1713 is the entitlement ID for the event. 

New Event Storage EMM 

When the CAA sets up entitlement agent descriptor 1409 for an entitlement agent, it 
includes a value in EA Maximums 1515 that limits the number of event NVSCs 1701 the 
entitlement agent may have. Within that number, however, the entitlement agent is free 
to allocate event NVSCs 1701 from the total number of NVSCs 1405 belonging to the 
entitlement agent and to reuse existing event NVSCs 1701. To allocate an event NVSC, 
the EA uses the new event storage EMM, which simply contains the cell name for the 
NVSC which is to be allocated. Once the event NVSC 1701 has been allocated, its fields 
are set as follows: 

• In the case of an ordinary PPV event, fields are set by an add/delete event EMM. 

• In the case of an IPPV or NVOD event, fields are set in part from the GBAM for 
the event and in part from customer input 628. 

The contents of an event NVSC 1701 are deleted by an add/delete event EMM or by 
receiving an ECM containing a time greater than the event end time in the event NVSC 
1701, if the event record had been previously acknowledged by receiving the 
Acknowledge Event EMM. 

The Add/delete Event EMM 

The add/delete event EMM contains a flag which indicates whether the EMM is setting or 
deleting an event. In the latter case, the contents of the EMM must match the current 
contents of the NVSC 1701 that is to be deleted. In the former case, the values of the 
EMM include flags indicating whether time extensions are allowed and whether the right 
to copy has been purchased. Further included are values for the event's start time and end 
time and the entitlement ID for the event. When the add/delete flag indicates "delete", 
EA administrative code deletes the contents of the NVSC 1701. When it indicates "add", 
the code sets the corresponding fields of the NVSC 1701 to the values specified in the 
EMM. The flag that indicates whether the EA has acknowledged the purchase is set to so 
indicate. 

The Global Broadcast Authenticated Message: FIGs. 18-20 

The Global Broadcast Authenticated Message (GBAM) is, like the EMMs, ECMs, and 
FPMs, a CA message. A GBAM is broadcast by an entitlement agent to DHCTs 333. 
FIG. 18 shows a CA message 805 including a GBAM 1801. Message 805 includes a CA 
message header 1003 and a CA GBAM message 1803, which in turn is made up of a 
GBAM header 1807 and global broadcast data 1809. Global broadcast data 1809 is not 
encrypted, but GBAM 1801 is authenticated in the same fashion as an ECM: header 
1807, global broadcast data 1809, and MSK 1015 belonging to the EA which sent the 
GBAM are hashed by one-way hash function MD5 to produce GBAM MAC 1805. As 
with the ECM, the MSK 1015 is a shared secret between the EA which sent the GBAM 
and DHCTs 333 that have EA information 1333 for the EA. 

FIG. 19 shows GBAM header 1807 in detail as well as the form that global broadcast data 
1809 takes when GBAM 1801 is used to provide entitlement information for IPPV or 
NVOD. GBAM header 1807 has a conditional access system ID 1901 that identifies CA 
system 601 in which GBAM 1801 is being used, a tag which indicates that the message is 
a GBAM, and the identifier 1905 of the entitlement agent sending the GBAM. Fields 
1907 and 1909 specify the key that was used to make MAC 1805. Field 1907 specifies 

Purchasable entitlement data 1913 is the form of global broadcast data 1809 that is 
used to provide entitlement information for IPPV or NVOD. Of the fields that are 
relevant for the present discussion, Entitlement ID 1915 is the entitlement ID for the event 
associated with the GBAM, and Flags 1917 include flags indicating what kind of 
cancellation is allowed and whether the time for the event may be extended. Number of 
modes 1919 indicates how many different modes there are for purchasing the event. The 
right which the purchaser receives to the event and the price the purchaser must pay will 
vary with the mode. In the preferred embodiment, an event may have up to five purchase 
modes. If more purchase modes are required, additional GBAMs may be sent. The rights 
and prices for each mode are indicated by arrays. Each array has as many valid elements 
as there are modes. The value of an element corresponding to a mode indicates the right 
or price for that mode. Thus, mode right to copy field 1921 is a bit array; if a bit for a 
mode is set, the purchaser of the mode has the right to copy the event. Similarly, mode 
length field 1927 contains a value for each mode which indicates the length of time for 
the event in that mode. Mode cost field 1929 contains a value for each mode which 
indicates the cost for the event in that mode. Earliest start field 1923 gives the earliest 
time at which entitlement for the event can start, and latest end field 1925 gives the latest 
time at which entitlement must end. 

When DHCT 333 receives GBAM 1801, it passes GBAM 1801 to DHCTSE 627 for 
authentication of global broadcast data 1809. Authentication will fail unless DHCTSE 
627 has the required MSK. If (1) DHCTSE 627 has the required MSK and (2) global 
broadcast data 1809 is data 1913, DHCT 333 permits the customer to purchase the event. 
In so doing the customer identifies himself or herself to DHCT 333 by means of a PIN. 
Given the mode information and the cost information in the GBAM, DHCT 333 can 
determine whether ordering the impulse event will cause the customer to exceed the 
amount (of time, money, etc.) specified in stored credit limit 1519 in EAD 1409. If the 
customer has not exceeded the limit, the information from the GBAM and from the 
purchaser's inputs are used to make an event descriptor 1703 for the event. DHCT 333 
passes the information to DHCTSE 627, which sets the fields in event descriptor 1703 
according to the values provided it by DHCT 333. The flag that indicates whether the 
purchase information has been acknowledged is cleared, and the cost of the event is added 
to the current credit balance. 

The Forwarded Purchase Message: FIG. 21 

The forwarded purchase message (FPM) in a preferred embodiment serves two purposes: 

• it informs the entitlement agent that the customer has purchased an IPPV or 
NVOD event; and 

• it informs the entitlement agent that the customer has canceled the purchase of any 
event. 

In other embodiments, messages like the FPM can be used to transfer any kind of 
information from DHCT 333 to a CAA or an EA. For example, such a message can be 
used to transfer monthly order information from DHCT 333 to an EA. 

DHCT 333 sends a forwarded purchase message with the purchase information via the 
reverse channel to the entitlement agent that sent the GBAM. The FPM is contained in a 
reverse channel data packet that is addressed to the EA. FIG. 21 provides an overview of 
the FPM and of the cryptographic measures used to protect its contents. FPM 2101 is a 
CA message 805 and consequently is sent with a CA message header 1003. FPM 2101 
itself is made up of FPM encrypted envelope key 2103, which contains the EAID for the 
entitlement agent and FPM key 2119 for decrypting the purchasing information contained 
in FPM encrypted events 2113. The key and other contents of envelope key 2103 are 
encrypted for privacy using the public key of the entitlement agent for which FPM 2101 
is intended. CA FPM message 2105 includes CA FPM header 211, which includes the 
EAID for the intended EA, and FPM encrypted events 2113. The latter are encrypted 
using the 3-DES algorithm with the key in envelope key 2103. CA FPM message 2105's 
parts are a header 213, FPM clear events 2133, which contains the purchase information, 
and padding 2135. The last part of FPM 2101 is FPM signed authentication 2107, which 
is encrypted with the private key of DHCT 333 from which FPM message 2101 is sent. 

WO 99/09743 

PCT/US98/16079 

The encrypted material includes FPM signing header 2125, FPM MAC 2127 and 
padding 2129. FPM MAC 2127 is made using the MD5 one-way hash algorithm from 
FPM clear events 2133. Only the EA for which the FPM is intended can decrypt 
envelope key 2103 to obtain key 2119 to decrypt FPM encrypted [...] 
DHCT 333 from which FPM 2101 was sent. 

The part of FPM 2101 which is of further interest here is FPM clear events 2133. The 
information in that part of the FPM includes the serial number of DHCTSE 627 in DHCT 
333 from which the message came, the EAID of the destination EA, [...] 
of events for which the FPM contains [...] 
for each event is contained in forwarded event data for that event. The forwarded event 
data is taken from GBAM 1801 and event descriptor 1703 for the event. [...] 
in the present context include flags indicating (1) whether the [...], 
(2) whether the user has canceled the event, and (3) whether the customer has [...] 

[...] DHCT 333 sends an FPM with the same message, but with the event canceled flag 
set to indicate cancellation. The conditions under which DHCT 333 sends [...] 

The Acknowledge IPPV/NVOD Event EMM 

When the entitlement agent receives the FPM, it enters the information contained in the 
FPM in its customer information database and returns an acknowledge IPPV/NVOD 
event EMM to DHCT 333. EMM command data 1125 in the EMM contains [...] 
the forwarded event data in the FPM. When 
DHCTSE 627 receives this EMM, it decrypts and authenticates it and then for each [...] 
of copied forwarded event data, it uses the entitlement ID to locate event NVSC 1701 for 
the event. Having located the event NVSC 1701, it compares the copied forwarded event 
data with the corresponding fields of event NVSC 1701. If they are the same, DHCTSE 
627 sets the flag in Flags Field 1705 that indicates that the purchase has been confirmed 
and adjusts the stored credit balance. If the EMM has its "canceled" flag set, the "in use" 
flag in event NVSC 1701 is set to indicate that event NVSC 1701 is not in use and is 
therefore available for reuse by the entitlement agent. 

Other uses of GBAM 1801 

GBAM 1801 can be used generally to broadcast authenticated messages via a MPEG-2 
transport stream, or other transport mechanisms, to DHCTs 333. CA system 601 itself 
uses GBAM 1801 in two other ways: to periodically broadcast a time value to DHCTs 
333 and to extend the time for events. In the former case, GBAM 1801 simply carries the 
time value, which is a secure time, due to the GBAM's authentication. The code in 
DHCT 333 which carries out a task for the entitlement agent that sent the system time 
GBAM can use the time value to coordinate its activities with activities by the EA. Note 
that this arrangement permits the use of per-entitlement agent time schemes. It also 
permits establishing a uniform system time throughout a digital broadband delivery 
system by setting up one entitlement agent in each DHCT 333 of the digital broadband 
delivery system as the "system time entitlement agent" and addressing the system time 
GBAM to the system time entitlement agent. 

GBAMs 1801 that extend the time for an event carry the entitlement ID for the event and 
the number of minutes the time for the event is to be extended. When GBAM 1801 is 
received and provided to DHCTSE 627, the secure element adds the number of minutes to 
end time 1709. 
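The GBAM authentication and the time-extension use described above can be sketched as follows. This is an added example, not code from the patent: the byte layouts of the header and payload, the tag value, the concatenation order fed to MD5, and the setting of the "extended" flag are assumptions made for illustration, and all sample values are constructed.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Dict, List, Tuple

GBAM_TAG = 0x47          # constructed tag value (assumption, not from the page)
HEADER_FMT = ">HBHBB"    # assumed layout: CA system ID 1901, tag, EAID 1905, fields 1907, 1909
EXTEND_FMT = ">IH"       # assumed payload: 32-bit entitlement ID, minutes to add


def gbam_mac(header: bytes, data: bytes, msk: bytes) -> bytes:
    """MD5 over header 1807, global broadcast data 1809 and the EA's MSK.

    The page names the three inputs; the order used here is an assumption.
    MD5 is kept only for fidelity to the page.
    """
    return hashlib.md5(header + data + msk).digest()


def make_extension_gbam(ca_id: int, eaid: int, key_sel: Tuple[int, int],
                        msk: bytes, entitlement_id: int, minutes: int):
    """Entitlement-agent side: build header, cleartext data and MAC."""
    header = struct.pack(HEADER_FMT, ca_id, GBAM_TAG, eaid, key_sel[0], key_sel[1])
    data = struct.pack(EXTEND_FMT, entitlement_id, minutes)
    return header, data, gbam_mac(header, data, msk)


@dataclass
class EventDescriptor:        # event descriptor 1703, reduced to what is needed here
    entitlement_id: int
    end_time: int             # end time 1709, in minutes on a constructed clock
    extended: bool = False    # "end time has been extended" flag in Flags Field 1705


class SecureElement:
    """Stand-in for DHCTSE 627: holds per-EA MSKs and event descriptors."""

    def __init__(self, msks: Dict[Tuple[int, int, int], bytes],
                 events: Dict[int, List[EventDescriptor]]):
        self.msks = msks      # (EAID, field 1907, field 1909) -> MSK
        self.events = events  # EAID -> event descriptors

    def receive_extension(self, header: bytes, data: bytes, mac: bytes) -> bool:
        if len(header) != struct.calcsize(HEADER_FMT):
            return False
        if len(data) != struct.calcsize(EXTEND_FMT):
            return False
        _ca_id, tag, eaid, f1907, f1909 = struct.unpack(HEADER_FMT, header)
        msk = self.msks.get((eaid, f1907, f1909))
        if tag != GBAM_TAG or msk is None:
            return False      # authentication fails without the required MSK
        if not hmac.compare_digest(gbam_mac(header, data, msk), mac):
            return False      # data or header was altered, or a different key was used
        entitlement_id, minutes = struct.unpack(EXTEND_FMT, data)
        for event in self.events.get(eaid, []):
            if event.entitlement_id == entitlement_id:
                event.end_time += minutes   # the secure element adds the minutes
                event.extended = True       # assumption: flag (2) is set here
                return True
        return False
```

Because the global broadcast data travels in the clear, the MAC check is the only thing standing between a modified minutes field and the stored end time, which is why the state change happens strictly after it.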

FIG. 20 shows a server application 2001 executing on a processor having access to 
entitlement agent 2005 and to the MPEG-2 transport stream being received by a group of 
DHCTs 333. The server application 2001 can use GBAM 1801 to send authenticated 
messages to the DHCTs 333. Server application 2001 sends a message to entitlement 
agent 2005, which uses its transaction encryption device 603 to make a GBAM 1801 
including the payload. Entitlement agent 2005 then returns the GBAM to server 
application 2001 which sends application data together with the GBAM, as shown at 
2007, to client application 2009 in the DHCTs 333. [...] application sends GBAM 
1801 to DHCTSE 627, which authenticates it. If the authentication succeeds, DHCTSE 
627 sends an acknowledgment to client application 2009. [...] 

NVSCs and EMMs for Interactive Sessions 

DBDS 501 can also be used for interactive sessions. [...] 
customer will go via the reverse channel. Such an arrangement [...] 
many interactive applications in which the customer [...] 
example, [...], and then receives 
another large amount of data. 

Each interactive session that is currently taking place [...] 
interactive session NVSC 1211 in [...] 
access to the interactive session. The interactive session NVSC [...] 
the interactive session and an entitlement ID for the interactive session. DHCTSE 627 
[...] 

Once the EA has established the NVSC, it sends an [...] 
directed to the name of the newly-allocated NVSC and [...] 
the key for the interactive session. The [...] 
in the NVSC. When the [...] interactive session is over, it sends a 
"remove interactive session" EMM with the entitlement ID [...] 
the secure element deletes the contents of the NVSC. 

[...] interactive session NVSCs allotted by the CAA to the EA are already in use. DHCTSE 
627 in a preferred embodiment deals with this situation [...] 
and none is available, DHCTSE 627 shuts down the interactive session that least recently 
sent or received data and uses that interactive session's interactive session NVSC for the 
new interactive session. Another solution is to request the user to select an interactive 
session to be terminated. 

Details of the ECM: FIG. 22 

The information in an ECM that is used to determine whether the instance of a service 
that the ECM accompanies is to be decrypted in a given DHCT 333 is contained in ECM 
entitlement unit message 1011. FIG. 22 gives details of the contents of ECM entitlement 
unit message 1011 for a preferred embodiment of the present invention. Beginning with 
message ID 2205, the two fields 2201 and 2203 identify this message as an ECM 
entitlement unit message. EAID 2207 is the identifier for the entitlement agent which 
grants entitlements to access to the instance of the service that the ECM accompanies. 

Decryption information 2209 is information used to produce the control word 2235. 
Control word counter value 2235 is encrypted using the 3DES algorithm in a preferred 
embodiment. This algorithm employs two keys, and in a preferred embodiment, each key 
is 1/2 of the MSK. Also, there are two versions of the MSK: even and odd. MSK parity 
2211 specifies which version is to be used in the 3DES algorithm. MSK ID 2213 
specifies which MSK belonging to the entitlement agent is to be used, or if the ECM 
accompanies data for an interactive session, it specifies that the key is to be found in the 
NVSC for the interactive session. Control word parity 2215 specifies the parity of the 
unencrypted control word 2235. Parity count 2217 is a 0-1 counter that has the value 0 
when the parity of the control word is even and 1 when it is odd. 

Free preview 2219 is a flag that indicates that the ECM is accompanying a portion of the 
service instance that is a free preview. That is, as long as a customer has the MSK for 
decrypting the service instance, the customer needs no further entitlements to view the 
free preview portion of the service. The main use of free previews is with IPPV or 
NVOD services. Copy protection level 2221 is a value which indicates to what extent the 
instance may be copied. Blackout/spotlight 2223 is a value which indicates how 
blackout/spotlight information 2236 is to be used: not at all, for a blackout, or for a 
spotlight (i.e., the service is targeted to the specific area). 

Number of entitlement IDs 2225 specifies the number of entitlement IDs 2245 that are 
contained in this ECM. The maximum number in a preferred embodiment is six in a 
single ECM. Multiple ECMs may be sent for each service. Allow IPPV 2229 is a flag 
which indicates whether the service instance may be [...] 
event to indicate the end of the period during which the customer may cancel the event. 
Time stamp 2233 is a time stamp indicating the time at which the ECM was created. 
Encrypted control word 2235 is the control word contained in the ECM. It is encrypted 
using the 3DES algorithm and the MSK for the service instance. 

[...] blacked out 
or spotlighted by an instance of a service. It does so by means of X centroid 2239 and Y 
centroid 2241, the two of which define a point in [...] 
defined by the entitlement agent, and blackout radius 2237, which is used to define a 
square that is centered on the point defined by fields 2239 and 2241 and that has sides 
twice the value of blackout radius 2237. Entitlement ID list 2245 contains [...] 
to six entitlement IDs for the instance of the service that the ECM accompanies. 

Details of Blackout/spotlight Info 2236: FIGs. 26 and 27 

The coordinate system used in a preferred embodiment is shown in FIG. 26. Coordinate 
[...] with the origin at [...] 
In the coordinate system, it is the lines, rather than the spaces between them, that are 
[...] DHCT 333 in the area covered by the coordinate system the coordinates of an 
intersection [...] 
Thus, DHCT 333(k) may be assigned the point (i,j) 2603 in coordinate system 2601. 

FIG. 27 shows how areas are defined in coordinate system 2601. Area 2705 has its 
centroid 2701 at the point whose coordinates are (57,90). The radius 2703 of the area is 
three, so this number is added to and subtracted from each of the coordinates of the 
centroid to produce a square 2705 whose lower left-hand corner is at (54,87) and whose 
upper right-hand corner is at (60,93). In the preferred embodiment, points on the left and 
bottom lines are in the area; points on the top and right lines are not. 

Determining whether to Decrypt the Service Instance that Accompanies an ECM 

Conceptually, what happens when DHCT 333 receives an ECM accompanying an 
instance of a service is that DHCT 333 provides the ECM to DHCTSE 627, which 
examines the NVSCs in EA storage 1331 to find whether the customer to whom DHCT 
333 belongs is entitled to receive the instance of the service. If the customer is so 
entitled, DHCTSE 627 decrypts the control word in the ECM and provides it to service 
decryptor 625, which uses it to decrypt the MPEG-2 packets containing the audio and 
video for the service. However, the number of different kinds of services, the number of 
different ways in which a service can be purchased, and the number of ways in which 
access can be restricted all work together to make the manner in which DHCTSE 627 
processes an ECM rather complex. 

The simplest case is for a broadcast service such as a standard CATV channel. Here, the 
customer who owns DHCT 333 has paid his or her monthly bill for the service and the 
entitlement authority has sent two EMMs to DHCT 333: a MSK EMM with the month's 
MSK for the service and an EMM that specifies the entitlement ID for the service. As 
previously pointed out, the latter EMM may either contain a list of entitlement IDs or a 
first entitlement ID and a bit map. All of these EMMs may also contain expiration dates: 
in the case of the MSK EMM, there is an expiration date of the MSK; in the case of the 
entitlement ID list EMM, there is an expiration date for each entitlement ID on the list; in 
the case of the entitlement bit map EMM, there is an expiration date for the entire bit 
map. 

At a minimum, EA information 1333 for the entitlement agent that provides entitlements 
for the service instance that the ECM is accompanying contains EA descriptor 1409, a 
MSK NVSC 1601, and either an entitlement bit map NVSC 1613 or an entitlement list 
NVSC 1623 for the service to which the instance belongs. EA information 1333 may also 
contain NVSCs with entitlement information for many other services or instances thereof 
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The ECM for the service instance will contain .t. 

down EA lis, ,406 unti, i, finds ^ EA descriptor ,409 haV ™* 

P-e.,S.3.o,UU4,,.d,„....MSK..SC,.,Tr^^^^^^^^^ 
1 60. containing the same value as MSK ID field 22 r • 

anMSK.VSC.ade.e™,es.„„„o «p ^ /a . " 

1605 conWns a valid time valu,„. f '"^ "xP'raiion date field 

■ ECM.S .in,e s,a„,p field ^ " 

use Mi)K 1 608 from MSK NVSr l fin i ^ 
word 2235. n,esecu« e,en,em continues sea„:h- , ""'"^'yP' ""X"! 

MSKlOandan^MSl^andi":;:" 

-sc..-tfi„dsnosnc.MSKKvsc,.tdoesno.dec;:r:o::::~"" 

DHCTSE 62 7 similarly searches list M 1 1 *x 

.nf H . . 14 11 for an entitlement bitmap NVSC 1 fin 

entitlement st NVSC I62T . ■ ^ 

.-en.en.e„..s2245l"::::T-:-:=^^^ 

en*Wn.,Oand<2)t.ereis„o.alide:Lt:„ " 

entitlement ID that is earlier than time stamp ,233 in the Prl ! " 

=Iso found a valid MSK NVSC1«„ T """SE 627 has 

lu ivisK NVSC 1 60, as described above DHCTSF fi77 a 
word 2235 usins the MSIC»„H^ ■ W decrypts control 

ng the MSK and decrypfon infotmation 2209 in the ECM n 
done ustng the 3DES algorithm that was used to encrv„, 

en^bodiment. the control word contained in the ECmT ™"'^"' '"^^ 

a-e,a„dO„CXSE62,producesthecon.ro,:o:::::r7r^^ 

service instance by re-enc™,Kn..T, • ^^^^'y "scd to deciTpt Uic 

_ ^ '^""«*'"""8"'^i"gtheMSKand,he3DP<;., 

T*a. control word usable by the service dectyptor is then retZed 

n.od„le 625, which uses it to dectyp. .he set^il ^"-'"o" 
As is apparent from the foregoing description, when DHCTSE 627 searches an
entitlement agent's entitlement agent information 1333 for a given entitlement for a 
service, it continues searching until it has either found an NVSC that contains the 
entitlement or it has reached the end of list 1411. What this means in logical terms is that 
the entitlements that a given entitlement agent can grant are the logical OR of the 
entitlements specified in entitlement agent information 1333. For example, if one 
entitlement bit map NVSC that contains the same entitlement ID as the ECM has expired 
but another has not, DHCTSE 627 disregards the expired NVSC, and based on the active 
NVSC, produces control word 2235. 

It should further be pointed out here that time stamp 2233 in the ECM and the expiration 
information in the NVSCs prevent reuse of a previous month's MSK to decrypt an 
instance in the current month and also prevent reuse of a previous month's entitlements in 
the current month to implement the protection against replay attacks described in the 
Banker and Akins patent application supra. 

Where further restrictions apply to an entitlement, DHCTSE 627 searches for that 
information as well in entitlement agent information 1333. For example, if 
blackout/spotlight field 2223 of the ECM indicates that a blackout applies to the service, 
DHCTSE 627 uses blackout/spotlight information 2236 to determine whether the location 
specified by x coordinate 1521 and y coordinate 1523 is within the square specified by 
blackout/spotlight information 2236; if so, DHCTSE 627 does not decrypt control word 
2235. When a spotlight applies, the procedure is of course the opposite: DHCTSE 627 
decrypts the control word only if x coordinate field 1521 and y coordinate field 1523 
specify a location within the square. 
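
The search rules above (logical OR across NVSCs, expiration checked against the ECM time stamp, then blackout or spotlight) can be modelled as one decision function. This is an added example, not code from the patent; the class and field names, integer time values, the bit ordering of the bit map and the inclusive square boundary are assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class MskNvsc:
    msk_id: int
    expiration: Optional[int]          # None models the no-expiration-date flag


@dataclass
class BitmapNvsc:
    first_id: int                      # entitlement ID carried by bit 0 (assumed ordering)
    bits: int                          # bit i set -> entitlement first_id + i is granted
    expiration: Optional[int]          # one expiration date for the entire bit map


@dataclass
class ListNvsc:
    entries: Dict[int, Optional[int]]  # entitlement ID -> its own expiration date


@dataclass
class Ecm:
    msk_id: int
    entitlement_ids: List[int]
    time_stamp: int
    geo_mode: str = "none"             # "none", "blackout" or "spotlight"
    square: Optional[Tuple[int, int, int, int]] = None   # x_min, y_min, x_max, y_max


def _live(expiration, time_stamp):
    """Usable unless the expiration is earlier than the ECM's time stamp."""
    return expiration is None or expiration >= time_stamp


def _grants(nvsc, ent_id, time_stamp):
    """True if this one NVSC holds ent_id and has not expired."""
    if isinstance(nvsc, BitmapNvsc):
        offset = ent_id - nvsc.first_id
        return (offset >= 0 and bool((nvsc.bits >> offset) & 1)
                and _live(nvsc.expiration, time_stamp))
    return ent_id in nvsc.entries and _live(nvsc.entries[ent_id], time_stamp)


def may_decrypt(ecm, msk_nvscs, ent_nvscs, x, y):
    """Return (decision, reason) for decrypting the control word of this ECM."""
    # An MSK from an earlier period fails here, which blocks replayed key material.
    if not any(m.msk_id == ecm.msk_id and _live(m.expiration, ecm.time_stamp)
               for m in msk_nvscs):
        return False, "no valid MSK"
    # Logical OR: expired NVSCs are skipped, one live match is enough.
    if not any(_grants(n, e, ecm.time_stamp)
               for n in ent_nvscs for e in ecm.entitlement_ids):
        return False, "no valid entitlement"
    if ecm.geo_mode in ("blackout", "spotlight"):
        if ecm.square is None:
            return False, "malformed ECM"      # fail closed
        x0, y0, x1, y1 = ecm.square
        inside = x0 <= x <= x1 and y0 <= y <= y1
        if ecm.geo_mode == "blackout" and inside:
            return False, "blackout"
        if ecm.geo_mode == "spotlight" and not inside:
            return False, "outside spotlight"
    elif ecm.geo_mode != "none":
        return False, "malformed ECM"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample data: times are day numbers, IDs are arbitrary.
    msks = [MskNvsc(7, 30), MskNvsc(8, 60)]
    ents = [BitmapNvsc(100, 0b101, 30), BitmapNvsc(100, 0b100, 60),
            ListNvsc({200: 60, 201: 30})]
    print(may_decrypt(Ecm(8, [102], 45), msks, ents, 0, 0))   # expired map ignored
    print(may_decrypt(Ecm(7, [102], 45), msks, ents, 0, 0))   # last period's MSK
```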

As previously noted, the techniques that are used to grant entitlements according to 
geographical area may be generalized to grant entitlements to various subsets of 
customers. For example, entitlements may be conceptually represented in a Venn 
diagram, blackout/spotlight information 2236 may specify an area in the Venn diagram 
that represents the set of customers that are entitled to receive the service, and x 
coordinate 1521 and y coordinate 1523 may specify the location of the customer in the 
Venn diagram. One use of such an arrangement would be to restrict access to an instance
of a service according to a customer's desire that users of his or her DHCT not have
access to instances with objectionable content. In other embodiments, of course, more
coordinates or other ways of representing set membership could be used.

Event Services 

When the ECM accompanies an instance of an event, interpretation of the ECM takes
place as described above, except that the entitlement information for the event is

for the entitlement agent having the EAID that is in the ECM for an event NVSC
1701 containing an event descriptor 1703 with an entitlement ID 1713 that is the same as
one of the entitlement IDs 2245 in the ECM. If the event is a standard pay-per-view
event, DHCTSE 627 then examines the flags 1705

with standard pay-per-view). The DHCTSE 627 then compares purchase time 1707 and
end time 1709 with time stamp 2233 to determine whether the time indicated by the time
stamp is within the period indicated by fields 1707 and 1709. If the examination of event
NVSC 1701 indicates that the customer is entitled to the event, DHCTSE 627 decrypts
control word 2235 as described above.

With IPPV or NVOD events, allow IPPV flag 2229 in the ECM must indicate that the
event is one that need not be purchased in advance. Free preview flag 2219 may be
set to indicate that the portion of the event is part of
the free preview, and cancel window flag 2231 may further be set to indicate that the
event can still be canceled. If free preview flag 2219 is set, DHCTSE 627 simply looks
for a MSK NVSC 1601 in EA information 1333 that contains the MSK specified by MSK
ID 2213 in the ECM. If the DHCTSE 627 finds one that is valid, it decrypts control word
2235.

If free preview flag 2219 is not set, DHCTSE 627 goes to the event NVSC 1701 having
the entitlement ID 1713. If
flags 1705 indicate that the purchase of the event has been confirmed and the event has
not been canceled, DHCTSE 627 decrypts control word 2235. If the event has not been
canceled and has not been confirmed, but time stamp 2233 indicates a time that is within
a predetermined period after purchase time 1707 indicated in event descriptor 1703,
DHCTSE 627 also decrypts control word 2235. It is by this means that the service
instance continues to be decrypted between the time the FPM is sent to the entitlement
agent and the time the entitlement agent returns the acknowledge IPPV/NVOD event
EMM. This causes the confirmation flag to be set in flags 1705.

Cancellation of Entitlements to Events: FIGs. 17, 19, and 22 

Whether a user can cancel a previously purchased entitlement to an IPPV/NVOD event
that he or she has purchased preferably depends on the event. There are three
possibilities:

• the entitlement can be canceled up to two minutes past purchase;

• the event can be canceled during a period of time termed a cancellation window;
or

• the event cannot be canceled.

Which of the three possibilities is associated with a given event is determined by the
purchasable entitlement data 1913 in the GBAM that accompanies the event. One flag in
flags 1917 indicates whether the event can be canceled; another indicates whether
cancellation is possible in a cancellation window. If neither flag is set, the event cannot
be canceled. When DHCTSE 627 makes an event descriptor 1703 for the event, the
values of the flags in the GBAM are used to set flags in flags 1705 which indicate
whether the event may be canceled or may be canceled during a cancellation window
only. Again, if neither flag is set, the event cannot be canceled.






The user cancels an event by requesting cancellation via customer input 628 to DHCT
333. When DHCT 333 receives the input, it provides a cancellation request, including the
EAID and entitlement ID for the instance, to DHCTSE 627, which uses the EAID and the
entitlement ID to locate the event NVSC 1701 that contains event descriptor 1703 for the
event. If the flags in flags 1705 indicate that the entitlement cannot be canceled,
DHCTSE 627 indicates that fact to DHCT 333, which then indicates to the user that the
entitlement is not cancelable. If the flags indicate that the entitlement can be canceled,
DHCTSE 627 simply sets the canceled flag in event descriptor 1703. If the flags indicate
that the entitlement can be canceled only during a cancellation window, and an ECM
indicating the cancel window has ended has not yet been received, DHCTSE 627 sets the
cancel flag in event descriptor 1703; otherwise, it indicates to DHCT 333 that the
entitlement cannot be canceled, and DHCT 333 so informs the user. If the event has been
canceled, DHCTSE 627 clears the acknowledged flag, which action causes a new FPM to
be sent to the entitlement agent for the event. The entitlement agent responds to the FPM
by adjusting its billing as required by the cancellation and sending a new acknowledge
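
The IPPV/NVOD rules of the last two sections (decrypt while confirmed, decrypt for a bounded period while unconfirmed, cancel according to the two GBAM flags) as an added example that is not code from the patent. Field names, the length of the period passed as `grace_seconds`, and the choice to treat an event with both flags set as window-only are assumptions; the page does not say where the two-minute limit of the first possibility is enforced, so it is not modelled.

```python
from dataclasses import dataclass


@dataclass
class EventDescriptor:
    """Per-event state held by the secure element (field names are hypothetical)."""
    entitlement_id: int
    purchase_time: int           # seconds, same clock as the ECM time stamp
    cancelable: bool             # from the GBAM: the event can be canceled
    window_only: bool            # from the GBAM: cancel only in the cancellation window
    confirmed: bool = False      # set when the acknowledge IPPV/NVOD event EMM arrives
    acknowledged: bool = False   # cleared on cancel so that a new FPM is sent
    canceled: bool = False


def event_may_decrypt(ev, ecm_time, free_preview, grace_seconds):
    """Event-specific part of the decision; a valid MSK is assumed already found."""
    if free_preview:
        return True                       # preview needs no purchase record
    if ev is None or ev.canceled:
        return False
    if ev.confirmed:
        return True
    # Purchased but unconfirmed: decrypt only inside the bounded period after
    # purchase, so a lost or blocked FPM cannot yield unlimited viewing.
    return ev.purchase_time <= ecm_time <= ev.purchase_time + grace_seconds


def request_cancel(ev, window_ended):
    """Apply a cancellation request; return True if the event is now canceled."""
    if ev.canceled:
        return True
    if ev.window_only:
        # Restrictive reading when both flags are set (assumption).
        allowed = not window_ended        # no ECM has announced the window's end yet
    elif ev.cancelable:
        allowed = True
    else:
        allowed = False                   # neither flag set: cannot be canceled
    if allowed:
        ev.canceled = True
        ev.acknowledged = False           # prompts a new FPM to the entitlement agent
    return allowed


if __name__ == "__main__":
    # Constructed sample: purchase at t=1000 s, 300 s period before confirmation.
    ev = EventDescriptor(42, 1000, cancelable=False, window_only=True)
    print(event_may_decrypt(ev, 1100, False, 300))   # inside the period
    print(event_may_decrypt(ev, 1301, False, 300))   # period over, still unconfirmed
    print(request_cancel(ev, window_ended=False))    # window still open
```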



Interactive Sessions 

The chief difference between broadcast services and interactive services is that each
session of the interactive service has its own interactive session key, which is contained
in the interactive session NVSC for the interactive session. The NVSC for the interactive
session also contains the entitlement ID for the interactive session. In an ECM that
accompanies the MPEG-2 stream for an interactive session, MSK ID field 2213 is set to a
value which indicates that the MPEG-2 stream is to be decrypted using an interactive
session key. When DHCTSE 627 interprets such an ECM, it uses entitlement ID 2245 to
find the NVSC for the interactive session and then uses the interactive session key
contained in the NVSC to decrypt control word 2235.

Detailed Description of Transaction Encryption Device 603: FIGs. 24
and 25

each EA that can grant entitlements in system 501 has a Transaction Encryption
Device or TED 603 in system 501. Preferably, each CAA or EA has its own
TED in system 601. Alternatively, the TEDs could be combined in one device. The TED
stores the secret keys used by the entity to which it belongs and has hardware and
software to do encryption, decryption, key generation, and authentication as required by

user I/O devices, by implementing it in a tamper resistant container, by connecting the
TED only to the DNCS and using a secure link for that connection, and by keeping the
TED in a physically secure environment such as a locked room.

In the case of a TED 603 for a CAA, the TED 603 stores the private keys corresponding
to the three public keys representing the CAA in the DHCTs 333, encrypts and provides
sealed digests for EMMs from the CAA to the DHCTs 333, and decrypts and
authenticates messages from the DHCTs 333 to the CAA. In the case of a TED 603 for
an EA, the EA TED does the following:

(1) stores the public and private keys for the EA and the MSKs for the EA;

(2) generates the EA public and private keys and the MSKs;

(3) encrypts and prepares sealed digests for the EMMs sent on behalf of the EA; 

(4) prepares the shared secret digests used to authenticate global broadcast messages; 

(5) provides the MSKs to SEES module 620 for use in encrypting instances of 
services; 

(6) generates interactive session keys (ISKs) for interactive session EMMs and 
provides them to SEES module 620 for use in encrypting the interactive session; and 

(7) decrypts FPMs and other messages sent from DHCT 333 to the entitlement agent. 

TED 603 in Conditional Access System 601: FIG. 24 

FIG. 24 shows the relationship between a number of TEDs 603 and the rest of conditional
access system 601. Portion 2401 of conditional access system 601 includes a CAA TED
2427 for a CAA that authorizes entitlement agents in system 601. Portion 2401 also
includes one EA TED 2425 for each of the n+1 entitlement agents which the CAA has
currently authorized for DHCTs 333 in digital broadband delivery system 501.
Alternatively, all EA TED 2425 functions could be combined into a single TED, which
could include the CAA TED 2427 function. Each TED is kept in a physically secure area
2428 and is connected to DNCS 507 by a secure high-speed link 2423 that connects only
DNCS 507 and the TEDs 603. In the preferred embodiment, the secure link is a secure
Ethernet link. DNCS 507 uses TED 605 to encrypt EMMs, to decrypt FPMs, to generate
EA public and private keys, to generate MSKs and ISKs, and to prepare global broadcast
message digests. DNCS 607 has a remote procedure call interface to the TEDs 603 for
performing these operations, and, consequently, programs executing on DNCS 607 can
use the facilities of a TED simply by making a procedure call.

DNCS 507 is the sole connection between a given TED 603 and the rest of conditional 

:::rr'- °"'"""~^---°---°---e-.Co 

* CAA and d-evanousEAs. Each oftheseenuties has a database containing 

a. least *e CAA s three publ.c keys and encrypted versions of the cotresponding three 
pnvate.eys,.heen.idententage„tidenti«ersfortheentitlen,entagen.:attheC^^^ 

Ts c ; T ~ *^ ™' -""-^ Of the 

NVSCs that the CAA has allocated to each entitlement agent authorized for the DHCT 

Each EA 2409(i) has its own EA database 2407(i). EA database 2407(i) preferably

the EAID for the EA, a list of the MSK IDs and expiration

that the EA is currently using, and a database of the services and/or instances that the EA
is providing. This database of services contains at least the entitlement ID for the
service. EA database 2407(i) also includes a per-DHCT database of the entitlement IDs

such as the information required to deal with the purchase information in an FPM.

o DNCS 507. I„.a prefetred embodiment, key certificadon authority 24.3 is maintained 
by the manufacturer of DHCTs 333 DHrri-- H . V , '-"smaintamed 
DHCT^-, K """^^ ''=5"'"'^''^ 241 1 contains a database of 

iJ-HCl senal numbers and their oublic kevQ •u/t,^ 

When a user of a DHCT 333 wishes to
purchase an instance of a service offered by an EA, the user sends a purchase order to the
EA with the serial number (which is also the IP address) of the DHCT 333. The EA
provides the serial number to DNCS 507, which maintains a database 2421 of DHCT
public keys by serial number. If the serial number is not in the database, DNCS 507
sends a request for the public key to KCA 2413. The request contains the serial number
and the key certification authority responds to the request by sending a digitally signed
message 24 P to DNCS 507. This message contains the DHCT's public key. DNCS 507
has the public key for the key certification authority and uses the public key and the
digital signature to confim the authenticity of the DHCT public key in the message. If 
the public key is authentic, DNCS 507 places it in public key database 2421. 

DNCS 507 is further connected via another high-speed link 2417 to SEES 620, which is 
provided with MSKs for encrypting instances of services. Additionally, DNCS 507 
provides global broadcast messages (GBAMs) and EMMs for broadcast via transport link 
517 to the DHCTs 333. Finally, DNCS 507 is connected via the reverse path provided by
LAN interconnect device 617 to the DHCTs 333 and receives FPMs from the DHCTs 
333. In other embodiments, DHCT 333 may also send EMMs to DHCTs 333 by this 
route. 

Data flows in portion 2401 are shown by labels on the arrows connecting the components. 
Thus, an EA 2408(i) sends unencrypted contents 2410 of EA EMMs and global broadcast 
messages to DNCS 507 and receives unencrypted contents 2412 of FPMs for the EA from 
DNCS 507. With EA EMMs and global broadcast messages, DNCS 507 uses EA TED
2425(i) to do the necessary encryption, digest making, and key generation and then sends
the encrypted and authenticated EMMs and global broadcast messages, as well as the
MSKs, to SEES 620, as shown at 2426 and 2418. In the case of EMMs, which are
repeatedly sent over an extended period of time to the DHCTs, DNCS 507 stores the
encrypted EMMs in EMM database 2420 and provides them to SEES 620 from there.
With FPMs, DNCS 507 uses the EA TED 2425(i) for the EA 2409(i) to which the FPM is
addressed to do the decryption and authentication and sends decrypted FPM contents 
2412 to EA 2409(i). DNCS 507 treats CAA EMMs the same way as EA EMMs, except 
that the encryption and digest making is done using CAA TED 2427. 

DNCS 507 also contains a database of encrypted entity information 2419, which 
comprises encrypted copies of the private keys and MSKs stored in the TEDs 609 that are 
connected to DNCS 507. This encrypted entity information is used to restore a TED if a
malfunction or the physical destruction of the TED should cause loss of the key
information. The encryption is done in the TED using a pass phrase. When the
information has been encrypted, it is output to DNCS 507 and stored in database 2419; 
Detailed Implementation of TED 2425(i): FIG. 25

FIG. 25 is a detailed block diagram of a preferred embodiment of an EA TED 2425(i). In
the preferred embodiment, TED 2425(i) is implemented using a standard

accelerating RSA encryption and decryption.



As sho™ i„ FIG. 25, Ac main componants of TED 2425(i, are CPU .50 , 
: ~ 3537. an E*en,e, boL 25T, Id 'nTr , ' 

RSA acce,.a.o. boards 253,(0 .. ai, i„,e.onnec.d by bus 25 ' U " 
.than one RSA accelera,or boari 2549 pe™i,s rsa = 

™™n 1 • '^ '^'^^^^Won and/or deciTption in 

paraiie,; „ consequence, .be p.fc„ed en,bodin,e„, of T^D 2425(i, is cap^^f 

enc.^.in,ap,„.,i^„,HMMsve..pidi.,e,.,vW«nasecon „r:l!pl • 

o..ec^.io;a"^^^^^^^ 

Men^ory 2505 contains EAinfonnation 2507. Which is the nuhM. h • 

™Me„..a.en,.o«bicbTED24250)be,o„...e:^^^^^^^ 

Which IS the code executed by CPU 2501 Th. ^ . ^> and code 2o23, 

--andEA.nfo™..io„250;a.eZo,::rb::^^^ ' 

J t ^i^iuic, wun tne part containincr code J^i-y^ u^- 

(I) MSK generaUng code 2525, which generates MSKs and ISKs from random 
numbe. provided by random number generator 2537- fr^-'io™ 

(3, MD5 code 2529, which perfo^s ^ MD5 one-way hash aigoridtm; 
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(6) RSA encryption/decryption code 2535, which performs RSA 
encryption/decryption with the assistance of RSA hardware 2539; 

(7) EA information encryption code 2536, which encrypts EA information 2507 with 
a pass phrase for storage in DNCS 507; 

(8) EMM code 2538, which produces encrypted and authenticated EMMs; and 

(9) FPM code 2540, which decrypts and checks FPMs. 

EA information 2507 contains the information needed to do the encryption and 
authentication of GBAMs and EMMs sent on behalf of the EA represented by TED 
2425(i). EA information 2507 also facilitates and contains information for decryption and 
authenticity checking on FPMs directed to that EA. In a preferred embodiment, EA 
information 2507 includes at least: (1) EAID 2509, which is the EAID for EA 2409(i),
EA Ku 2511 and EA Kr 2513, which are the public and private keys respectively for EA
2409(i); and (2) a MSK entry (MSKE) 2515 for each MSK being used by EA 2409(i) in
conditional access system 601 to which TED 2425(i) belongs. Each MSKE 2515
contains MSK identifier 2517 for the MSK, the expiration time 2519, if any, for the MSK,
MSK parity 2520 for the MSK, and MSK 2521 itself.

Operations Performed by EA TED 2425(i) 

When EA TED 2425(i) is initialized, it is provided with the EAID for the EA to be 
represented by TED 2425(i). It stores the EAID at 2509 and uses RSA key generation
code 2517 and a random number from random number generator 2537 to generate EA
public key 2511 and EA private key 2513, which are stored in EA Information 2507. A
Remote Procedure Call (RPC) permits DNCS 507 to read EA public key 2511. Other
RPCs permit DNCS 507 to read TED 2425(i)'s serial number, to get and set TED 
2425(i)'s system time, and to call TED 2425(i) to determine whether it is responding. 
TED 2425(i) responds to this call with its serial number. EA TED 2425(i) also reports a 
number of alarm conditions to DNCS 507. These include encryption partial and total 
failure, random number generation failure, memory failure, and TED and Ethernet 
overload. 
Continuing with the encryption and authentication of EMMs, DNCS 507 has two RPCs

MSK EMM for EA 2049(i), it receives the following from EA 2409(i):

(1) the serial number of the DHCT 333 which is the destination of the EMM;

(2) an EAID for EA 2409(i);

(3) the EMM's type; and

(4) the information needed for an EMM of that particular type, for example an
entitlement bit map together with the first entitlement ID, the expiration date, and the
no-expiration date flag.

DNCS 507 uses the serial number to look up the public key for the DHCT 333 in public
key database 2421, uses the EAID to determine which TED 2425 to use, formats

public key. EMM code 2533 then uses MD5 code 2529 to make a digest of the formatted

DHCT's public key and encrypts the digest with private key 2513 for the EA. The
encrypted formatted information and the encrypted digest are provided to DNCS 507,
which adds whatever else is necessary and places the EMM in EMM database 2420.

For an MSK EMM, DNCS 507 receives the EAID, the DHCT serial number, the EMM
type, the MSK parity, the MSKID, and any expiration date from EA 2409(i). DNCS 507
then retrieves the DHCT serial number, formats the information, and makes the RPC as

described. In this case, EMM code 2538 looks in EA information 2507 to

Then EMM code 2538 uses MD5 code 2529 to make a digest of the formatted
information. EMM code 2538 then uses RSA encryption/decryption code to encrypt the
formatted information with the DHCT's public key and encrypt the digest with the EA's
private key and returns the EMM to DNCS 507, as described above.

The interface for giving a global broadcast message its authentication information

global broadcast message. GBAM authorization code 2533 in TED 2425(i) uses the
MSKID to locate MSKE 2525 for the MSK, combines MSK 2521 with the contents of the 
global message (GBAM header 1807 and global broadcast data 1809 in FIG. 18), and 
uses MD5 code 2529 to produce the digest (GBAM MAC 1805), which it returns to 
DNCS 507. 

With messages sent from the DHCT 333 to the EA, such as the forwarded purchase 
message, the IP packet in which the message is sent includes the IP address of the DHCT 
333 which is the source of the message, and that in turn includes the serial number of
DHCT 333. DNCS 507 uses the serial number to locate the public key for DHCT 333 in 
public key database 2421 and provides the public key to TED 2425(i) together with 
encrypted envelope key 2103, CA FPM message 2105, and FPM signed authentication 
2107 from the FPM. FPM code 2540 then: 

(1) uses EA public key 2511 and RSA encryption/decryption code 2535 to decrypt
FPM encrypted envelope key 2103;

(2) uses 3DES code 2531 and the decrypted envelope key to decrypt FPM encrypted
events 2113;

(3) uses RSA encryption/decryption code 2535 and the public key for DHCT 333 to
decrypt FPM authentication 2107; and

(4) uses the decrypted encrypted events with MD5 code 2529 to produce a new hash
which it compares with the decrypted value of FPM authentication 2107. If this
comparison indicates that the FPM is authentic, TED 2425(i) returns the decrypted events
to DNCS 507, which in turn forwards them to EA 2409(i). 

The MSKs in MSKE 2515 are generated by TED 2425(i). The interface for MSK
generation simply requires the MSKID for the new MSK, the parity for the new MSK,
and any expiration time. MSK generation code 2525 receives a random number from
random number generator 2537 and uses it to generate the new MSK. Then the MSKE
2515 for the new MSK is made and added to EA information 2507. If there is already an
MSKE 2525 for the MSKID for the new MSK, the new MSKE replaces the existing
MSKE. TED 2425(i) also generates interactive session keys for the add interactive
session EMM. Key generation is as described for the MSK EMM. Once TED 2425(i) 
p^oviaea *e EMM con.™ u,e „c^p«. ,„ ^,^,3 ^,
-a „ „em„o, 2505 where U,e i„,e.e,ive session key was stored. 

CAATEDs 

CAA TEDs 2427 have the same hardware as FA TFrvc k . ■ u 

-.e, eneryp. CAA BMMs used . 1 ; " 

HMMe..p..„.ao„ee.c...aeseH.rHAC^^^^^^ 

lui HA I i:,jjs, I Qj^j 1^ required for 

private key. They therefore need only store one of the three public-private key pairs that
represent the CAA. The CAA public-private key pair is generated elsewhere. The private

memory 2505. The encrypted private key, but not the pass
phrase, is stored in encrypted entity information 2419 in DNCS 507 as well.

Authenticating Data for Applications Running on DHCT 333: FIG. 23

The foregoing has disclosed how conditional access system 601 uses the conditional
access

603 to provide security for its own operations and for the keys and entitlement
information required to decrypt an instance of a service. Another function of conditional
access system 601 is that of ensuring secure data downloads for applications running on
DHCT 333. There are two paths by which data may be downloaded: (1) in an MPEG-2
stream via the high bandwidth path running from SEES 620 via transport network 517 and
HFC network 521 to DHCT 333, and (2) in IP packets via the lower bandwidth path
running from control suite 607 via LAN interconnect device 617 and QPSK modulator
621 to HFC network 521 and DHCT 333.

As with the data used in conditional access system 601, there are two aspects to the
problem: security and authentication. Security may be attained by encrypting the data. In
the case of data delivered by the high bandwidth path, encryption may be

using an MSK when the data is intended for all DHCTs 333 having a given entitlement
agent or by means of the public key for the DHCT when the data is intended for a specific
DHCT 333. In the case of data delivered via the lower bandwidth path, the data is
addressed to the IP address of a specific DHCT 333 and may be encoded with the public 
key of the DHCT 333. In the case of encryption with a MSK, the MSK is provided by 
transaction encryption device 603, and, in the case of encryption with the public key of
the DHCT 333, transaction encryption device 603 can provide the key or do the 
encryption itself. DHCTSE 627 contains the keys needed to do the necessary decryption 
in DHCT 333. 

The authenticating entities in conditional access system 601 comprise the conditional 
access authority and the entitlement agents. Authentication of downloaded data is done in
the same fashion as in EMMs, namely by using a one-way hash function to make a digest
of the downloaded data and then encrypting the digest with the private key of the
authenticating entity to make a sealed digest. In the preferred embodiment, the sealed
digest is made in transaction encryption device 603. When the downloaded data arrives
in DHCT 333, DHCTSE 627 uses the public key of the authenticating entity to decrypt 
the sealed digest and then uses the one-way hash function to again hash the downloaded 
data. If the downloaded data is authentic and has not been corrupted in transit, the 
decrypted sealed digest and the result of hashing the data in the one-way hash function 
will be equal. It should be noted at this point that the authentication is done not by the 
originator of the data, but rather by a CAA or EA that is known to the digital broad band 
delivery system. Moreover, because the CAA or EA is already known to DHCT 333, 
downloading of authenticated data to DHCT 333 can occur without intervention of the 
user of DHCT 333. 

There are many ways of relating the authentication to the data being authenticated. One 
way is to use a GBAM as described above with regard to FIG. 20. In such a case, the
GBAM payload 2003 would be the digest for the data being downloaded and entitlement
agent 2005 would encrypt the digest with its private key as well as making a digest using
payload 2003 and a MSK. Another way is to simply send a message via the MPEG-2
transport stream or using an IP packet that contained an authentication portion as well as
the data. 
One kind of data that can be downloaded using the above techniques is code to be
executed by the general purpose processor in DHCT 333. The memory used by the
processor includes a portion which is flash memory. That is, the memory cannot be
written to like ordinary writable memory, but can be rewritten only as a whole. Such
memory is typically used to hold downloadable code. FIG. 23 shows a message
containing downloadable code. Code message 2301 has two parts: authentication part
2303 and code part 2305. Code part 2305 contains encrypted or unencrypted code as the
situation requires. Authentication part 2303 contains at least two items of information:
authenticator identifier (AID) 2307 and sealed digest 2309. Authenticator identifier 2307
is CAAID or EAID for the conditional access authority or entitlement agent that is
authenticating code 2305. Sealed digest 2309 is made by hashing code 2305 in a one-way
hash function to make a digest and then encrypting the digest with the private key of the
CAA or EA that is authenticating the code. SD 2309 is produced in a preferred
environment by a transaction encryption device 605.

Code message 2301 can be sent either in a MPEG-2 transport stream or as an IP packet.
Message 2301 may be broadcast to any DHCT 333 that has the authenticating CAA or
EA, or it may be sent to a specific DHCT 333. In that case, the packet(s) carrying code
message 2301 will include an address for DHCT 333. In the preferred embodiment, the
address is DHCT 333's serial number. When code message 2301 arrives in the DHCT
333 for which it is intended, code executing on the processor performs the one-way hash
function on code 2305 and provides the result together with AID 2307 and sealed digest
2309 to DHCTSE 627. DHCTSE 627 uses AID 2307 to locate the public key for the
CAA or EA and then uses the public key to decrypt sealed digest 2309. Finally, it
compares the hash value in decrypted sealed digest 2309 with that provided by the code
executing on the processor, and, if they are equal, DHCTSE 627 signals that the code has
been authenticated.
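
Code message 2301 and its check in the DHCT, sketched as an added example (not the patent's code). SHA-256, textbook RSA without padding and the toy key built from two Mersenne primes are this example's assumptions, chosen to keep it self-contained; a deployed scheme would use a standard padded signature and properly generated keys. The names `make_code_message`, `SecureElement` and `accept_code_message` are hypothetical.

```python
import hashlib

# Constructed toy RSA key for the authenticating EA. The primes are Mersenne
# primes so that no key generator is needed; such a key must never be used.
_P, _Q = 2**521 - 1, 2**607 - 1
EA_N = _P * _Q
EA_E = 65537
EA_D = pow(EA_E, -1, (_P - 1) * (_Q - 1))    # private exponent, held only by the TED


def one_way_hash(code: bytes) -> int:
    """Digest of the code part as an integer (SHA-256 is this example's choice)."""
    return int.from_bytes(hashlib.sha256(code).digest(), "big")


def make_code_message(aid: int, code: bytes, d: int, n: int) -> dict:
    """TED side: hash the code part, then seal the digest with the private key."""
    return {"aid": aid, "sealed_digest": pow(one_way_hash(code), d, n), "code": code}


class SecureElement:
    """Stands in for DHCTSE 627: public keys of the known CAAs and EAs, by ID."""

    def __init__(self, public_keys):
        self._public_keys = dict(public_keys)        # aid -> (e, n)

    def authenticate(self, aid, sealed_digest, computed_hash) -> bool:
        key = self._public_keys.get(aid)
        if key is None:
            return False                             # authenticator unknown to this DHCT
        e, n = key
        if not isinstance(sealed_digest, int) or not 0 < sealed_digest < n:
            return False                             # out-of-range value, reject
        # "Decrypt" the sealed digest with the public key and compare the hashes.
        return pow(sealed_digest, e, n) == computed_hash


def accept_code_message(se: SecureElement, message: dict) -> bool:
    """Processor side: hash the received code and let the secure element decide.

    Only a True result should allow the code to be written to flash.
    """
    return se.authenticate(message["aid"], message["sealed_digest"],
                           one_way_hash(message["code"]))


if __name__ == "__main__":
    EA_ID = 17                                       # constructed authenticator ID
    se = SecureElement({EA_ID: (EA_E, EA_N)})
    msg = make_code_message(EA_ID, b"constructed code image", EA_D, EA_N)
    print(accept_code_message(se, msg))                                   # authentic
    print(accept_code_message(se, dict(msg, code=msg["code"] + b"!")))    # altered code
    print(accept_code_message(se, dict(msg, aid=99)))                     # unknown AID
```

The AID only selects which stored public key is used, so a message naming a known authenticator but sealed with another key fails the comparison just as altered code does.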
Public Key Hierarchy (Fig. 28)

The various elements of the system described herein collectively implement a public key 
hierarchy 2801 within the network. This is advantageous because such a hierarchy can be 
used to establish the "trust chains" that support scaleable and spontaneous commercial 
interaction between DHCTs 333 and other networks that employ public key-based 
security, such as the Internet. It can also be used to establish trust in user commercial 
interactions with the DBDS 501. 

FIG. 28 shows the hierarchy of public key certification in the DBDS. There are two 
independent "trust chains" shown. On the left hand side is the "DHCT chain", which
establishes the validity of the public keys associated with DHCTs 333 and enables trusted 
use of digital signatures made by the DHCT 333. On the right hand side, is the "Operator 
chain" which establishes the validity of public keys associated with the network operators 
and the subtending EAs within each system and enables trusted use of signatures of these 
entities. 

The DHCT signature 2806 may be used as described elsewhere herein to authenticate 
messages sent from the DHCT 333. However, for recipients to be able to trust such 
DHCT signatures as authentic, they must know with certainty that the public key claimed 
to be associated with DHCT 333 is in fact the true key which matches with the DHCT's 
private key. This is accomplished by certifying the DHCT certificate 2806 with the 
factory programmer certificate authority (FPCA) signature. The FPCA signature can be 
trusted because reference can be made to FPCA certificate 2805. The DHCT certificates 
2806 and the FPCA signature as well as the FPCA certificate 2805 are preferably made at 
the manufacture time of DHCT 333 in a secure way. Since it may be necessary over time 
to issue new FPCA certificates and use new FPCA signatures, each FPCA certificate is 
also certified with a signature of the DHCT Root which may have its own certificate 
2804. Said DHCT root certificate 2804 may either be self-signed or may be certified by 
another authority. DHCT root signature is preferably administered in a highly
tamper-resistant device, such as one that meets the requirements of FIPS 140-1 Level 3
certification.

[illegible] manner described elsewhere herein. Likewise, the Operator CAA signature using the
Operator CAA certificate 2802 is used to certify each EA signature as described
previously herein. Above the operator CAA signature, Root CAA signatures may be
used to introduce an operator CAA 2802 to a DHCT 333 in a secure way. In fact
[illegible] preferably at manufacture [illegible] secure NVM of the DHCT 333.
[illegible] messages from any two of the Root
CAAs may be used to replace the third Root CAA public key with that of the Operator
CAA whose key is certified in Operator CAA certificates 2802. The Root CAA is
preferably administered by the manufacturer in a tamper-resistant device that meets or
exceeds the requirements of FIPS 140-1 Level 3 certification. It is possible, however,
through an appropriate sequence of messages, to change all of the Root CAA public keys
to be those of other CAAs that the manufacturer has no control over. It is thus possible to
remove the manufacturer from the signature chain. In this case, the Root CAA [illegible]

As shown in FIG. 23 and described elsewhere herein, each operator may have a plurality
of EAs. In a preferred embodiment, there is a different EA and an associated EA
certificate 2803 for every operating site of any given operator. This ensures that DHCTs
cannot be migrated between operational sites without the knowledge and participation of
the operator CAA signature 2802.

The geo-political CA certificate 2807 shown in FIG. 28 is not required to operate the
normal conditional access and electronic activities of the operator. However, the operator
[illegible] to link its signature chain into a larger [illegible]
DHCTs 333 [illegible] in transactions involving entities outside of the operator's DBDS.
In this case, the signature chains may be readily linked to those of geo-political CA and
[illegible] 2804, the Root CAA signature 2808 or operator CAA signatures 2802 certified by the
geo-political CA signature. This is accomplished by having a certificate placed in a
database for each of the public keys associated with signatures 2804, 2808 and 2802.
Said certificate is signed with the private key of the geo-political CA 2807.



FIG. 29 shows an EMM generator 2901. As described elsewhere herein, it is preferred
that DHCTs 333 that are operated by different operators in different DBDS instances are
controlled by an operator CAA that is specific to that operator and system. Since DHCTs
333 at manufacture time are not configured to be controlled by any operator CAA, but
instead are controlled by three Root CAAs the public keys of which are placed in the
memory of the secure processor during manufacture, they must be reconfigured for
control by different operators. This must be done securely. As described elsewhere
herein, messages bearing the digital signatures of two of the Root CAAs can be used to
reconfigure the terminal with respect to the third CAA. The EMM generator 2901 is used
to produce one of the two messages needed to introduce a new Operator CAA public key
in a certified way to the DHCT 333. DHCT public key certificates 2902 are input to the
EMM generator so that it may know for which DHCTs messages are to be made. The
DHCTs that will be controlled by a specific operator may be placed in a separate file of
the input device or may be associated with an operator in other ways clear to those skilled
in the art.

Prior to generating introductory EMMs 2903, certified public keys of the various
operators served by the EMM Generator 2901 are loaded into the public key memory
2904 of the EMM Generator 2901. Thus, when EMM generator 2901 reads input of
DHCTs needed to be introduced to Operator A, the EMM generator uses the public key of
Operator A read from memory 2904 to produce EMMs containing the public key of
Operator A. Likewise, prior to generating introductory EMMs 2903, the private keys of
the Root CAAs must be loaded into the private key memory 2905 of the EMM generator
2901. Said EMMs are digitally signed by the EMM Generator 2901 using the private
keys of the Root CAAs contained in memory 2903. Since private signing keys are
contained in memory 2905 of EMM Generator 2901, the EMM Generator 2901 must be
implemented in a secure fashion that prevents discovery of the values of the Root CAA
private keys stored in memory 2905. EMM Generator 2901 should thus be implemented
in a tamper-resistant device which meets the requirements of FIPS 140-1 Level 3 or
higher.

Since two Root CAA private keys must be used to sign separate CAA Introductory
EMMs 2903, there are preferably two EMM Generators 2901 implemented, one each for
each of the two Root CAA private keys. It is also preferred that EMM generators 2901
are operated in separate physical facilities.
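The two-of-three rule described above, as an added Python example that is not part of the patent text: a terminal replaces one stored CAA public key only when introductory EMMs from the two other stored CAAs both verify. The textbook RSA over small Mersenne primes stands in for a real signature scheme and is insecure; the message layout, class names and key values are assumptions constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by all constructed demo keys


def make_key(a, b):
    """Textbook RSA key from Mersenne primes 2**a-1 and 2**b-1 (demo only, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def _h(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(key, msg):
    return pow(_h(msg, key["n"]), key["d"], key["n"])


def verify(n, msg, sig):
    return pow(sig, E, n) == _h(msg, n)


def intro_body(serial, slot, new_public):
    # Binding the terminal serial and the target slot keeps an EMM made for
    # one DHCT or slot from being accepted by another (assumed layout).
    return f"CAA-INTRO|{serial}|{slot}|{new_public}".encode()


class EMMGenerator:
    """Holds exactly one Root CAA private key, as the text prefers."""

    def __init__(self, signer_slot, private_key):
        self.signer_slot, self._key = signer_slot, private_key

    def introductory_emm(self, serial, slot, new_public):
        sig = sign(self._key, intro_body(serial, slot, new_public))
        return {"signer": self.signer_slot, "sig": sig}


class Terminal:
    def __init__(self, serial, caa_publics):
        self.serial = serial
        self.slots = list(caa_publics)  # three CAA public keys in secure NVM

    def introduce(self, slot, new_public, emms):
        """Replace slots[slot] only if the two OTHER stored CAAs both signed."""
        body = intro_body(self.serial, slot, new_public)
        valid = set()
        for emm in emms:
            s = emm["signer"]
            if s in (0, 1, 2) and s != slot and verify(self.slots[s], body, emm["sig"]):
                valid.add(s)
        if len(valid) < 2:
            return False
        self.slots[slot] = new_public
        return True


def demo():
    roots = [make_key(61, 89), make_key(61, 107), make_key(89, 107)]  # constructed
    op = make_key(107, 127)["n"]  # constructed Operator CAA public key
    pubs = [k["n"] for k in roots]
    gens = [EMMGenerator(i, roots[i]) for i in range(3)]
    dhct, other = Terminal(333, pubs), Terminal(334, pubs)
    e0, e1, e2 = (g.introductory_emm(333, 2, op) for g in gens)
    out = {}
    out["one_signature"] = dhct.introduce(2, op, [e0])
    out["same_signer_twice"] = dhct.introduce(2, op, [e0, e0])
    out["signed_by_replaced_slot"] = dhct.introduce(2, op, [e0, e2])
    out["replayed_to_other_terminal"] = other.introduce(2, op, [e0, e1])
    out["two_signatures"] = dhct.introduce(2, op, [e0, e1])
    out["operator_installed"] = dhct.slots[2] == op
    return out


if __name__ == "__main__":
    print(demo())
```

Counting distinct signer slots, rather than counting messages, is what makes a duplicated EMM from a single generator insufficient.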

The Detailed Description of a Preferred Embodiment set forth above is to be regarded as
exemplary and not restrictive; and the breadth of the invention disclosed herein is to be
determined from the claims as interpreted with the full breadth permitted by the patent

What is claimed is:



1. A method of decrypting an instance of a service that has been encrypted with a
short-term key, the method being carried out in a receiver that has a public key-private
key pair and the method comprising the steps of:

receiving a first message in the receiver whose contents include a long-term key,
the contents having been encrypted using the public key for the receiver;

using the private key to decrypt the contents;

storing the long-term key;

receiving a second message in the receiver together with the instance of the
service, the second message including a key derivation value;

using the key derivation value and the long-term key to obtain the short-term key;
and

using the short-term key to decrypt the instance of the service.



2. The method set forth in claim 1 wherein:

the receiver includes a secure element in which the private key is stored;
the steps of decrypting the contents, storing the long-term key, and using the
long-term key and the key derivation value to obtain the short-term key are carried out in
the secure element.

3. The method set forth in claim 1 wherein the first message further includes first
authentication information; and the method further comprises the steps of:

using the first authentication information to determine whether the first message is
authentic; and

disregarding the first message if the first message is not authentic.

4. The method set forth in claim 3 wherein:

the receiver has a public key for an entitlement agent;

the first authentication information is a digest of information in the first message,
the digest being encrypted with a private key corresponding to the public key for the
entitlement agent; and

the step of using the first authentication information includes the steps of:
making a new digest of the information in the first message;
decrypting the first authentication information; and
comparing the new digest with the decrypted first authentication
information, the first message being authentic when the two are the same.

5. The method set forth in claim 4 wherein:

the receiver includes a secure element in which the public key for the entitlement
agent and the private key for the receiver are stored; and

the steps of decrypting the contents, storing the long-term key, using the first
authentication information, and using the long-term key and the key derivation value to
obtain the short-term key are carried out in the secure element.

6. The method set forth in claim 1, wherein:

the first message and the second message each includes an indication of an
entitlement agent;

the step of storing the long-term key includes the step of associating the long-term
key with the entitlement agent identified by the indication in the first message; and

[illegible] the indication of the entitlement
agent in the second message to locate the stored long-term key.

7. The method set forth in claim 6, wherein:

the first message and the second message each further includes a key identifier for
the long-term key;

the step of storing the long-term key further includes the step of associating the
long-term key with the key identifier from the first message; and

the method further comprises the step of using the key identifier from the second
message to locate the long-term key.

8. The method set forth in claim 7 wherein:

the second message further includes an entitlement specifier specifying an 
entitlement; and 

the method further comprises the steps of: 

receiving a third message in the receiver, the contents of the third message 
including an entitlement agent specifier and an entitlement specifier and the contents of 
the third message having been encrypted using the public key for the receiver; 

using the private key to decrypt the contents of the third message; 

storing the entitlement specifier in association with the entitlement agent 
specified by the entitlement agent specifier; and 

determining whether the entitlement specifier in the second message 
matches a stored entitlement specifier associated with the entitlement agent specified in 
the second message, and performing the step of using the key derivation value and the 
long-term key to obtain the short-term key only if a match is found. 

9. The method set forth in claim 8 wherein: 
there is a plurality of entitlement agents; 

a plurality of long-term keys are associated with a given entitlement agent; and 
a plurality of entitlements are associated with a given entitlement agent.

10. The method set forth in claim 8 wherein:

the receiver includes a secure element in which the private key for the receiver is
stored; and

the secure element performs the steps of decrypting the contents of the first
message; decrypting the contents of the third message; storing the long-term key; storing
the entitlement specifier in association with the entitlement agent; using the indication of
the entitlement agent; determining whether the entitlement specifier in the second
message matches a stored entitlement specifier; using the key identifier from the second
message to locate the long-term key; and using the key derivation value and the long-term
key to obtain the short term key.

11. The method set forth in claim 6 wherein:

the second message further includes an entitlement specifier; and
the method further comprises the steps of:

receiving a third message in the receiver, the contents of the third message
including an entitlement agent specifier and an entitlement specifier and the third message
having been encrypted using the public key for the receiver;

using the private key to decrypt the contents of the third message;
storing the entitlement specifier in association with the entitlement agent
specified by the entitlement agent specifier; and

determining whether the entitlement specifier in the second message
matches a stored entitlement specifier associated with the entitlement agent specified in
the second message, and performing the step of using the key derivation value and the
long-term key to obtain the short-term key only if a match is found.

12. The method set forth in claim 11 wherein:

there is a plurality of entitlement agents; and 

a plurality of entitlements are associated with a given entitlement agent.

13. The method set forth in claim 11 wherein:

the receiver includes a secure element in which the private key for the receiver is
stored; and

the secure element performs the steps of

decrypting the contents of the first message,
decrypting the contents of the second message,

storing the long-term key,

storing the entitlement specifier in association with the entitlement agent,
using the indication of the entitlement agent,

determining whether the entitlement specifier in the second message
matches a stored entitlement specifier; and

using the key derivation value and the long-term key to obtain the short
term key.

14. The method set forth in claim 9 wherein:

the third message further includes authentication information; and 
the method further comprises the steps of: 



not authentic. 

15. The method set forth in claim 14 wherein:

the receiver has a public key for an entitlement agent; 

the authentication information is a digest of information in the third message 
which has been encrypted with a private key corresponding to the public key for the 
entitlement agent; and 

the step of using the first authentication information includes the steps of: 
making a new digest of the information in the third message; 
decrypting the authentication information; and 

comparing the new digest with the decrypted authentication information,
the third message being authentic if the two are the same.

16. A method of enabling a receiver that has a public key to decrypt an instance of a
service that has been encrypted with a short-term key, the method comprising the steps of:
using the public key to encrypt contents of a first message, the contents including
a long-term key;

sending the first message to the receiver;

sending a second message to the receiver together with the encrypted instance of
the service, the second message including a key derivation value; and

the receiver responding to the first message by decrypting the contents and storing
the long-term key and responding to the second message by using the key derivation
value and the long-term key to obtain the short-term key and using the short-term key to
decrypt the instance of the service.

17. The method set forth in claim 16 wherein the public key for the receiver is stored
in a certified form.

18. The method set forth in claim 16 further comprising the steps of
obtaining the long-term key from a secure element in which it is stored; and
using the long-term key to produce the short-term key.

19. The method set forth in claim 16 further comprising the step of: 

adding first authentication information to the first message, wherein the receiver
uses the first authentication information to check the authenticity of the first message and
stores the long-term key in response to the first message only if the authenticity of the
first message is confirmed.

20. The method set forth in claim 19 wherein:

the receiver has a public key for an entitlement agent;

the step of adding first authentication information includes the step of making an
encrypted digest of information in the first message, the digest being encrypted with a
private key corresponding to the public key for the entitlement agent; and

the receiver checks the authenticity of the first message by making a new digest of
the information in the first message, using the public key for the entitlement agent to
decrypt the first authentication information, and comparing the new digest with the
decrypted first authentication information, the first message being authentic if the two are
the same.

21. The method set forth in claim 20, further comprising the step of:

adding second authentication information to the second message, the receiver 
using the second authentication information to determine whether the second message is 
authentic and disregarding the second message if the second message is not authentic. 

22. The method set forth in claim 21 wherein: 

the second message is associated with an entitlement agent; 

the step of adding second authentication information includes the step of making a 
digest of information in the second message and a secret shared by the entitlement agent 
and the receiver; and 

the receiver checks the authenticity of the second message by making a new digest 
of the information in the second message and the shared secret and comparing the new 
digest with the digest of the second message, the second message being authentic if the 
two are the same. 

23. The method set forth in claim 22 wherein: 

the shared secret includes at least a portion of the long-term key. 

24. The method set forth in claim 23 wherein: 

the long-term key is stored in a secure element; and 

the step of making the digest is carried out in the secure element. 

25. The method set forth in claim 20 wherein:

the private key for the entitlement agent and the long-term key are stored in a
secure element; 

the public key is stored in a certified form; and 

the steps of using the public key for the receiver to encrypt the first message and 
making the encrypted digest are carried out in the secure element.

26. The method set forth in claim 25 further comprising the steps of:
obtaining the long-term key from the secure element; and
using the long-term key to produce the short-term key.

27. The method set forth in claim 16 wherein: 

the first message and the second message each includes an indication of an 
entitlement agent; and 

the receiver further responds to the first message by associating the long-term key
with the entitlement agent identified by the indication in the first message and responds to
the second message by using the indication of the entitlement agent in the second message
to locate the stored long-term key.

28. The method set forth in claim 27 wherein:

the first message and the second message each further includes a key identifier for
the long-term key, the receiver further responding to the first message by associating the
long-term key with the key identifier from the first message and responding to the second
message by using the key identifier from the second message to locate the long-term key.

29. The method set forth in claim 28 wherein:

the second message further includes an entitlement specifier specifying an
entitlement; and

the method further comprises the step of sending a third message to the receiver,
the contents of the third message including an entitlement agent specifier and an
entitlement specifier and the contents of the third message having been encrypted using
the public key for the receiver; and

the receiver responds to the third message by using the private key to decrypt the
contents of the third message, storing the entitlement specifier in association with the
entitlement agent specified by the entitlement agent specifier, determining whether the
entitlement specifier in the second message matches a stored entitlement specifier
associated with the entitlement agent specified in the second message, and performing the
step of using the key derivation value and the long-term key to obtain the short-term key
only if a match is found.

30. The method set forth in claim 29 wherein:
there is a plurality of entitlement agents;

a plurality of long-term keys are associated with a given entitlement agent; and 
a plurality of entitlements for at least one receiver are associated with a given 
entitlement agent. 

31. The method set forth in claim 27 wherein: 

the second message further includes an entitlement specifier specifying an 
entitlement; and 

the method further comprises the step of sending a third message to the receiver, 
the contents of the third message including an entitlement agent specifier and an 
entitlement specifier and the contents of the third message having been encrypted using 
the public key for the receiver, the receiver responding to the third message by using the 
private key to decrypt the contents of the third message, storing the entitlement specifier 
in association with the entitlement specifier in the second message matches a stored 
entitlement specifier associated with the entitlement agent specified in the second 
message, and performing the step of using the key derivation value and the long-term key 
to obtain the short-term key only if a match is found. 

32. The method set forth in claim 31 wherein: 
there is a plurality of entitlement agents; and 

a plurality of entitlements are associated with a given entitlement agent. 

33. The method set forth in claim 31, further comprising the step of adding
authentication information to the third message, the receiver using the authentication 
information to check the authenticity of the third message and storing the long-term key 
in response to the third message only if the authenticity of the third message is confirmed.

34. The method set forth in claim 33 wherein:

the receiver has a public key for an entitlement agent;

the step of adding authentication information includes the step of making an
encrypted digest of information in the third message, the digest being encrypted with a
private key corresponding to the public key for the entitlement agent; and

the receiver checks the authenticity of the third message by making a new digest
of the information in the third message, using the public key for the entitlement agent to
decrypt the authentication information, and comparing the new digest with the decrypted
authentication information, the third message being authentic if the two are the same.

35. The method set forth in claim 34 wherein:

the private key for the entitlement agent and the long-term key are stored in a
secured element;

the public key is stored in a certified form; and

the steps of using the public key for the receiver to encrypt the third message and
making the encrypted digest using the private key are carried out in the secure element.

36. A receiver for receiving and decrypting an instance of a service that has been
encrypted with a short-term key, the receiver having a public key, and the receiver
comprising:

a memory that contains the private key corresponding to the receiver's public key
a service decryptor that uses the short-term key to decrypt the instance of the
service;

a first message interpreter that responds to a first message received in the receiver,
the first message's contents, including a long-term key, having been encrypted using the
receiver's public key and the first message interpreter responding to the first message by
decrypting the contents and storing the long-term key in the memory; and

a second message interpreter that responds to a second message received in the
receiver together with the instance of the service, the second message's contents including
a key derivation value and the second message interpreter responding to the second
message by using the key derivation value and the long-term key to obtain the short-term
key and providing the short-term key to the service decryptor.

37. The receiver set forth in claim 36 further comprising:

a secure element for implementing, at least in part, the memory, the first message
interpreter, and the second message interpreter and for storing, within the memory, the
private key and the long-term key.

38. The receiver set forth in claim 36 wherein: 

the first message further includes first authentication information; and 

the first message interpreter further responds to the first message by using the first 

authentication information to determine whether the first message is authentic and 

disregarding the first message if the first message is not authentic. 

39. The method set forth in claim 38 wherein: 

a public key for an entitlement agent is stored in the memory; 

the first authentication information is a digest of information in the first message, 
the digest being encrypted with a private key corresponding to the public key for the 
entitlement agent; and 

the first message interpreter determines whether the first message is authentic by 
making a new digest of the information in the first message, decrypting the authentication 
information, and comparing the new digest with the decrypted first authentication 
information, the first message being authentic if the two are the same. 

40. The receiver set forth in claim 36, wherein: 

the second message further includes second authentication information; and 
the second message interpreter further responds to the second message by using 
the second authentication information to determine whether the second message is 
authentic and disregarding the second message if the second message is not authentic. 

41. The receiver of claim 40, wherein: 

the second message is associated with an entitlement agent; and 
the second message interpreter makes a digest of information in the second 
message and a secret shared by the entitlement agent and the receiver, wherein the 
receiver checks the authenticity of the second message by making a new digest of the
information in the second message and the shared secret and comparing the new digest
with the digest of the second message, the second message being authentic when the two
are the same.

42. The method of claim 1, wherein said receiver is included in a set top terminal of a
cable television system.

43. The method of claim 42, wherein said instance of service is transmitted in a
downstream direction from head end equipment of the cable television system to said set
top terminal.

44. The method of claim 1, wherein:

said receiver is included in head end equipment of a cable television system;

said first and second messages originate in a set top terminal of the cable television
system;

said instance of service comprises data generated by said set top terminal; and
said long term key comprises a session key.

45. The method of claim 44, wherein said data is transmitted upstream, through the
cable television system, from said set top terminal to said head end equipment.

46. The method of claim 1, wherein:

said first message comprises an entitlement management message including
authorization information;

said second message comprises an entitlement control message including service
identification information that identifies the instance of service; and

said instance of service is decrypted only when said service identification
information is equivalent to said authorization information, thereby preventing replay
attacks on said instance of service.
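An added example, not part of the patent text, of the receiver-side checks recited in claims 6 to 8, 22, 23 and 46: locate the long-term key by entitlement agent and key identifier, verify the keyed digest, check the stored entitlement, then derive the short-term key. HMAC-SHA-256 for both the digest and the derivation, the field layout and all values are assumptions; the first and third messages that deliver the key and entitlement are taken as already decrypted and authenticated.

```python
import hashlib
import hmac


def derive_short_term_key(long_term_key, kdv):
    # Assumed derivation: the claims only say the two values are combined.
    return hmac.new(long_term_key, b"short-term|" + kdv, hashlib.sha256).digest()[:16]


def ecm_digest(long_term_key, ea_id, key_id, entitlement_id, kdv):
    # Keyed digest over the second message's fields and the shared secret,
    # here the long-term key itself (claims 22 and 23).
    fields = f"{ea_id}|{key_id}|{entitlement_id}|".encode() + kdv
    return hmac.new(long_term_key, b"ecm-auth|" + fields, hashlib.sha256).digest()


def build_ecm(long_term_key, ea_id, key_id, entitlement_id, kdv):
    """Sender side: the second message that travels with the service instance."""
    return {
        "ea_id": ea_id, "key_id": key_id, "entitlement_id": entitlement_id,
        "kdv": kdv,
        "digest": ecm_digest(long_term_key, ea_id, key_id, entitlement_id, kdv),
    }


class SecureElement:
    def __init__(self):
        self._keys = {}          # (ea_id, key_id) -> long-term key
        self._entitlements = {}  # ea_id -> set of entitlement specifiers

    # The two store_* calls stand for first and third messages that were
    # already decrypted with the receiver's private key and authenticated.
    def store_long_term_key(self, ea_id, key_id, key):
        self._keys[(ea_id, key_id)] = key

    def store_entitlement(self, ea_id, entitlement_id):
        self._entitlements.setdefault(ea_id, set()).add(entitlement_id)

    def process_ecm(self, ecm):
        """Return the short-term key, or None if any check fails."""
        key = self._keys.get((ecm["ea_id"], ecm["key_id"]))
        if key is None:
            return None
        expected = ecm_digest(key, ecm["ea_id"], ecm["key_id"],
                              ecm["entitlement_id"], ecm["kdv"])
        if not hmac.compare_digest(expected, ecm["digest"]):
            return None  # second message is not authentic: disregard it
        if ecm["entitlement_id"] not in self._entitlements.get(ecm["ea_id"], set()):
            return None  # no matching stored entitlement: do not derive the key
        return derive_short_term_key(key, ecm["kdv"])


def demo():
    msk = bytes(range(16))  # constructed long-term key
    se = SecureElement()
    se.store_long_term_key(ea_id=1, key_id=7, key=msk)
    se.store_entitlement(ea_id=1, entitlement_id=100)
    good = build_ecm(msk, 1, 7, 100, b"\x00\x00\x00\x2a")
    premium = build_ecm(msk, 1, 7, 200, b"\x00\x00\x00\x2b")
    relabelled = dict(premium, entitlement_id=100)  # field changed after signing
    other_ea = build_ecm(msk, 2, 7, 100, b"\x00\x00\x00\x2c")
    return {
        "entitled": se.process_ecm(good) == derive_short_term_key(msk, good["kdv"]),
        "not_entitled": se.process_ecm(premium),
        "relabelled": se.process_ecm(relabelled),
        "unknown_ea": se.process_ecm(other_ea),
    }


if __name__ == "__main__":
    print(demo())
```

Because the digest covers the entitlement specifier, a second message whose specifier is altered to match a stored entitlement fails authentication before the entitlement lookup is reached.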